You are here

Home » Cybersecurity

Cybersecurity

Siemens SCALANCE X Switches (ICSA-20-014-03)

CISA has released an advisory on a missing authentication for critical function vulnerability in Siemens SCALANCE X Switches. Multiple products and versions of these products are affected. Successful exploitation of this vulnerability could allow an unauthenticated attacker to violate access-control rules. Siemens has identified workarounds and mitigations affected users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

Siemens SINEMA Server (ICSA-20-014-02)

CISA has released an advisory on an incorrect privilege assessment vulnerability in Siemens SINEMA Server. All versions prior to Version 14.0 SP2 Update 1 are affected. Successful exploitation of this vulnerability could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. Siemens recommends users of the affected product update to a new version and has identified workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

GE PACSystems RX3i (ICSA-20-014-01) – Products Used in the Water and Wastewater and Energy Sectors

CISA has released an advisory on an improper input validation vulnerability in GE/Emerson PACSystems RX3i. For all of the affected products, all versions prior to R9.90 are affected. Successful exploitation of this vulnerability could cause the system to change to halt-mode, resulting in a denial-of-service condition. Emerson recommends users of the affected products update to newer versions. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

CISA Alert: Continued Exploitation of Pulse Secure Vulnerability

The U.S. Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA) has released an alert emphasizing that unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Pulse Secure disclosed the vulnerability and provided software patches in April 2019, but CISA continues to observe wide exploitation of the vulnerabilities. A remote, unauthenticated attacker can exploit this vulnerability to compromise a VPN server. The attacker may be able to gain access to all active users and their plain-text credentials.

Ryuk Ransomware Security Primer

The Multi-State Information Sharing and Analysis Center (MS-ISAC), a WaterISAC partner, has published a security primer on the Ryuk ransomware, which it describes as “one of the most prevalent variants in the state, local, tribal, and territorial government threat landscape. This product provides an overview of Ryuk’s phases of operation and offers a list of recommendations for government entities to adhere to prevent and limit the impact of a potential Ryuk ransomware compromise.

Siemens SCALANCE X (Update B) (ICSA-19-085-01) – Products Used in the Water and Wastewater and Energy Sectors

January 14, 2020

CISA has updated this advisory with additional information on the affected products and mitigating measures. Read the advisory at CISA.

June 11, 2019

The NCCIC has updated this advisory with additional information on the affected products and mitigating measures. Read the advisory at NCCIC/ICS-CERT.

Pages

Subscribe to Cybersecurity