Cybersecurity

Mitsubishi Electric Multiple Factory Automation Engineering Software Products (ICSA-20-212-02)

CISA has published an advisory on a permission issues vulnerability in Mitsubishi Electric Multiple Factory Automation Engineering Software Products. Multiple products and versions of the products are affected. Successful exploitation of this vulnerability may enable the reading of arbitrary files, cause a denial-of-service condition, and allow execution of a malicious binary. Mitsubishi Electric recommends a series of steps to address the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.

Inductive Automation Ignition 8 (ICSA-20-212-01) – Product Used in the Energy Sector

CISA has published an advisory on a missing authentication vulnerability in Inductive Automation Ignition 8. All versions of this product prior to 8.0.13 are affected. Successful exploitation of this vulnerability could allow an attacker to gain access to sensitive information. Inductive Automation recommends users upgrade the Ignition software to v8.0.13. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Taidoor Malware Used by Chinese Government Actors

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Department of Defense have published a malware analysis report (MAR) about a malware variant used by Chinese government cyber actors, which is known as TAIDOOR. The FBI has high confidence that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation.

GNU GRUB2 Vulnerability

CISA advises that the Free Software Foundation GNU Project's multiboot boot loader, GNU GRUB2, contains a vulnerability – CVE-2020-10713 – that a local attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the CERT Coordination Center’s Vulnerability Note VU#174059 for mitigations and to refer to operating system vendors for appropriate patches, when available.

DHS CISA Third Annual National Cybersecurity Summit

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has announced it will convene the third annual National Cybersecurity Summit this year as a series of events in September and October. More specifically, the series will consist of two-hour webinars every Wednesday for four weeks, beginning September 16 and ending October 7. The summit will focus on providing cybersecurity strategies, policies and/or initiatives that facilitate collaboration between the full range of government, defense, civilian, intelligence, and law enforcement entities.

VPN Security Flaws in Devices Used for Remote Access to OT Networks

Several advisories were posted today concerning recent vulnerabilities disclosed by Claroty regarding VPN remote access devices widely used in industrial environments, including water and electric utilities. Devices from Secomea, Moxa and HMS Networks are affected by remote code-execution flaws. In addition to allowing remote connectivity between sites, these devices are also used to enable remote access into PLCs and other Level 1/0 devices, a practice that has become much more prevalent in light of COVID-19.

HMS Industrial Networks eCatcher (ICSA-20-210-03)

CISA has published an advisory on a stack-based buffer overflow vulnerability in HMS Industrial Networks eCatcher. All versions prior to 6.5.5 are affected. Successful exploitation of this vulnerability could crash the device being accessed. In addition, a buffer overflow condition may allow remote code execution with highest privileges. HMS recommends users update eCatcher to Version 6.5.5 or later. CISA also recommends a series of measures to mitigate the vulnerability.

Softing Industrial Automation OPC (ICSA-20-210-02)

CISA has published an advisory on heap-based buffer overflow and uncontrolled resource consumption vulnerabilities in Softing Industrial Automation OPC. All versions prior to the latest build of 4.47.0 are affected. Successful exploitation of these vulnerabilities could crash the device being accessed. A buffer-overflow condition may also allow remote code execution. Softing Industrial Automation has released an update to mitigate the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities.

Secomea GateManager (ICSA-20-210-01)

CISA has published an advisory on improper neutralization of null byte or NUL character, off-by-one error, use of hard-coded credentials, and use of password hash with insufficient computational effort vulnerabilities in Secomea GateManager. All versions prior to 9.2c are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain remote code execution on the device. Secomea has released a new version to mitigate the reported vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities.
