Cybersecurity

CISA has published an advisory on reflected cross-site scripting, stored cross-site scripting, cross-site request forgery, hidden functionality, and use of unmaintained third-party components vulnerabilities in Red Lion N-Tron 702-W and 702M12-W. All versions of both products are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain unauthorized access to sensitive information, execute system commands, and perform actions in the context of an attacked user. Red Lion’s 702-W Series was discontinued in 2018 and cannot be updated.

CISA has published an advisory on an inadequate encryption strength vulnerability in Emerson OpenEnterprise. All versions through 3.3.5 are affected. Successful exploitation of this vulnerability could allow an attacker access to credentials held by OpenEnterprise used for accessing field devices and external systems. Emerson recommends all users upgrade to OpenEnterprise 3.3, Service Pack 6 (3.3.6), to resolve this issue. CISA also recommends a series of measures to mitigate the vulnerability.

The Avaddon ransomware operators claimed to have breached and leaked stolen data from a concrete formwork construction company involved in water infrastructure projects, including water treatment plants and reservoirs. Through information provided by a trusted third party, WaterISAC is aware that Avaddon is claiming on its darkweb site to have leaked 25% of the data reportedly stolen from EFCO (www[.]efcoforms[.]com). Avaddon is a relatively new ransomware-as-a-service (RaaS) malware and has recently jumped on the data breach bandwagon.

The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security (DHS) and operated by MITRE, has released the 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list. The Top 25 uses data from the National Vulnerability Database (NVD) to compile the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.