Cybersecurity

FATEK Automation PLC WinProladder (ICSA-20-254-02)

CISA has published an advisory on a stack-based buffer overflow vulnerability in FATEK Automation PLC WinProladder. Versions 3.28 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may cause a denial-of-service event and remote code execution. FATEK has not responded to requests to work with CISA to mitigate this vulnerability. Users of these affected products who would like to see more responsible security are invited to contact Fatek customer support.

AVEVA Enterprise Data Management Web (ICSA-20-254-01)

CISA has published an advisory on an SQL injection vulnerability in AVEVA Enterprise Data Management Web. Enterprise Data Management Web v2019 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected device. AVEVA reports that affected users are recommended to upgrade to AVEVA Enterprise Data Management Web v2019 SP1 as soon as possible. If an upgrade to v2019 SP1 is not possible, users can contact AVEVA Global Customer Support, and a hot-fix can be made available for eDNA Web v2018 SP2.

2020 State of the Homeland Address

Yesterday, U.S. Department of Homeland Security (DHS) Secretary Chad Wolf delivered the 2020 State of the Homeland Address. In his address, Secretary Wolf reflected on how DHS has evolved since it was founded more than 17 years ago. Speaking of this evolution, he discussed some of today’s potential threat vectors that didn’t exist at the time of the Department’s inception, including smartphones and cryptocurrency.

Microsoft Releases September 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based), Microsoft ChakraCore, Internet Explorer, SQL Server, Microsoft JET Database Engine, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Dynamics, Visual Studio, Microsoft Exchange Server, ASP.NET, Microsoft OneDrive, and Azure DevOps.

Siemens Siveillance Video Client (ICSA-20-252-05)

CISA has published an advisory on a cleartext transmission of sensitive information vulnerability in Siemens Siveillance Video Client. All versions of this product are affected. Successful exploitation of this vulnerability could allow an attacker to obtain valid administrator login names and use this information to launch further attacks. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.

Siemens License Management Utility (ICSA-20-252-03)

CISA has published an advisory on an execution with unnecessary privileges vulnerability in Siemens License Management Utility. All versions prior to v2.4 are affected. Successful exploitation of this vulnerability could allow local users to escalate privileges. Siemens has released an updated version and recommends users install this update on all affected systems. Additionally, it has identified specific workarounds and mitigations users can apply to reduce risk. CISA also recommends a series of measures to mitigate the vulnerability.

Siemens SIMATIC RTLS Locating Manager (ICSA-20-252-01)

CISA has published an advisory on incorrect default permissions and unquoted search path or element vulnerabilities in Siemens SIMATIC RTLS Locating Manager. All versions prior to v2.10.2 are affected. Successful exploitation of these vulnerabilities could allow a privileged local user to escalate privileges. Siemens recommends that users apply the update of the SIMATIC RTLS Locating Manager. Additionally, it has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerabilities.

Siemens Polarion Subversion Webclient (ICSA-20-252-08) – Product Used in the Energy Sector

CISA has published an advisory on improper neutralization of script-related HTML tags in a web page (basic XSS) and cross-site request forgery (CSRF) vulnerabilities in Siemens Polarion Subversion Webclient. All versions of this product are affected. Successful exploitation of these vulnerabilities, where an attacker injects client-side script to induce the victim to issue an HTTP request, could lead to a state-changing operation. Siemens has stated that the tool is considered shareware, distributed “as is,” and that there will be no fix as it is no longer supported.

Siemens SIMATIC HMI Products (ICSA-20-252-06) – Products Used in the Energy Sector

CISA has published an advisory on improper restriction of excessive authentication attempts and authentication bypass by primary weakness vulnerabilities in Siemens SIMATIC HMI. Multiple products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to discover user passwords and obtain access to the Sm@rt Server via a brute-force attack. Siemens is preparing updates and recommends specific countermeasures for products where updates are not yet available.

Siemens Spectrum Power (ICSA-20-252-04) – Products Used in the Energy Sector

CISA has published an advisory on cleartext storage of sensitive information and exposure of information through directory listing vulnerabilities in Siemens Spectrum Power. All versions prior to v4.70 SP8 are affected. Successful exploitation of these vulnerabilities could allow an unauthorized attacker to retrieve a list of software users, or in certain cases to list the contents of a directory. Siemens has released updates and configuration recommendations for Spectrum Power 4 to mitigate the issues. CISA also recommends a series of measures to mitigate the vulnerabilities.