As included in the Spotlight section of the Security & Resilience Update on Tuesday, Microsoft released a patch for CVE-2020-1350, a critical remote code execution (RCE) vulnerability dubbed SIGRed. All Windows Server versions from 2008 to the present are vulnerable. SIGRed only affects Windows DNS Servers; Windows DNS clients are not susceptible. However, SIGRed is wormable so it can be spread between vulnerable devices without user interaction.
Oracle has released its Critical Patch Update for July 2020 to address 433 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Oracle July 2020 Critical Patch Update and apply the necessary updates.
Yesterday afternoon fake Tweets began circumnavigating the Twitter-sphere after a malicious actor presumably gained access to Twitter’s internal systems and tools. In what is believed to be a coordinated social engineering attack, several high-profile and Twitter-verified globally influential accounts tweeted fake cryptocurrency messages among millions of followers.
CISA has published an advisory on a classic buffer overflow vulnerability in Siemens LOGO! Web Server. Numerous versions are affected. Successful exploitation of this vulnerability could allow remote code execution. Should the attacker gain access to the session cookies, they could then hijack the session and perform arbitrary actions in the name of the victim. Siemens recommends users apply upgrades. It has also identified specific workarounds and mitigations customers can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on an uncontrolled resource consumption vulnerability in Siemens SIMATIC S7-200 SMART CPU family. Versions 2.2 and later, prior to v2.5.1, are affected. Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. Siemens recommends users update to v2.5.1 and limit network access to device to trusted sources. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on a cleartext transmission of sensitive information vulnerability in Siemens SIMATIC HMI Panels. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow an attacker to affect the availability, read sensitive data, and gain remote code execution on the affected devices. Siemens has identified the following specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on out-of-bounds read, missing authentication for critical function, missing encryption of sensitive data, use of password hash with insufficient computational effort, cross-site scripting, classic buffer overflow, basic XSS, and authentication bypass by capture-replay vulnerabilities in Siemens SICAM MMU, SICAM T, and SICAM SGU. For SICAM MMU, all versions prior to 2.05 are affected. For SICAM SGU, all versions are affected. And for and SICAM T, all versions prior to 2.18 are affected.
CISA has published an advisory on a stack-based buffer overflow vulnerability in Moxa EDR-G902 and EDR-G903 series routers. For EDR-G902 series, firmware versions 5.4 and prior are affected. For EDR-G903, firmware versions 5.4 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. Moxa recommends users implement a patch to mitigate the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on SQL injection, path traversal, command injection, improper input validation, missing authentication for critical function, and improper access control vulnerabilities in Advantech iView. iView Versions 5.6 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to read/modify information, execute arbitrary code, limit system availability, and/or crash the application. Advantech has released version 5.7 of iView to address the reported vulnerabilities.
Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based in IE Mode), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Skype for Business, Visual Studio, Microsoft OneDrive, Open Source Software, .NET Framework, and Azure DevOps.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
