OpenSMTPD has released version 6.6.4p1 to address a critical vulnerability. A remote attacker could exploit this vulnerability to take control of an affected server. OpenSMTPD is an open-source server-side implementation of the Simple Mail Transfer Protocol (SMTP) that is part of the OpenBSD Project. CISA encourages users and administrators to apply the necessary update.
The FBI’s Portland, Oregon office has published an advisory discussing best practices for communications, such as with personal and official email, messaging apps, and social media. As the advisory notes, users should be aware of the potential dangers of cyber attacks through these various channels and of the need to opt for secure methods of communication to reduce the likelihood of intrusion. The advisory groups best practices into encryption, message retention, and access.
CISA has published an advisory on cross-site request forgery, improper neutralization of HTTP headers for scripting syntax, and use of obsolete function vulnerabilities in Honeywell WIN-PAK. WIN-PAK 4.7.2 and prior versions are affected. Successful exploitation of these vulnerabilities allows an attacker to perform remote code execution. Honeywell recommends users with potentially affected products take steps to protect themselves, which it has provided. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on stack-based buffer overflow, use of a broken or risky cryptographic algorithm, use of hard-coded cryptographic key, use of hard-coded credentials, classic buffer overflow, cleartext transmission of sensitive information, and weak password requirements in Moxa EDS-G516E and EDS-510E Series Ethernet Switches. For both series, versions 5.2 and lower are affected. Successful exploitation of these vulnerabilities could crash the device, execute arbitrary code, and allow access to sensitive information.
CISA has published an advisory on stack-based buffer overflow, use of a broken or risky cryptographic algorithm, use of hard-coded cryptographic key, use of hard-coded credentials, weak password requirements, and information exposure vulnerabilities in Moxa PT-7528 Series and PT-7828 Series Ethernet Switches. For Moxa PT-7528 Series, versions 4.0 and lower are affected. For Moxa PT-7828 Series, versions 3.9 and lower are affected. Successful exploitation of these vulnerabilities could crash the device or allow access to sensitive information.
CISA has published an advisory on cleartext storage of sensitive information, cleartext transmission of sensitive information, and incorrectly specified destination in a communication channel vulnerabilities in Moxa ioLogik 2542-HSPA Series Controllers and IOs and IOxpress Configuration Utility. For Moxa ioLogik 2542-HSPA Series Controllers, versions 3.0 and lower are affected. IOxpress Configuration Utility, versions 2.3.0 and lower are affected. Successful exploitation of these vulnerabilities could crash the device or allow access to sensitive information.
CISA has published an advisory on stack-based buffer overflow, integer overflow to buffer overflow, cross-site request forgery, use of a broken or risky cryptographic algorithm, information exposure, cleartext transmission of sensitive information, weak password requirements, cleartext storage of sensitive information, and incorrectly specified destination in a communication channel vulnerabilities in Moxa MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series. Multiple versions of these products are affected.
ICS cybersecurity company Drago has just published a series of three year-in-review reports, what are intended to be a collection of its first-hand experiences hunting, analyzing, and combatting industrial adversaries that provide asset owners and the practitioner community with actionable defensive recommendations to reduce the overall risks associated with operating critical infrastructure.
CISA has published an advisory on cleartext transmission of sensitive information, origin validation error, use of hard-coded credentials, weak password recovery mechanism for forgotten password, and weak password requirements vulnerabilities in Auto-Maskin RP210E, DCU210E, and Marine Observer Pro (Android App). Versions 3.7 and prior of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to gain root access to the underlying operating system of the device and may allow read/write access.
CISA has published an advisory on authentication bypass by capture-replay and path traversal vulnerabilities in Honeywell NOTI-FIRE-NET Web Server. Versions 3.50 and earlier are affected. Successful exploitation of these vulnerabilities could result in an attacker bypassing web server authentication methods. Honeywell has released a firmware update package for all affected products and also recommends steps for users to protect themselves. CISA also recommends a series of measures to mitigate the vulnerability.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
