The Apache Software Foundation has released a security advisory to address vulnerabilities in Struts in the version range 2.0.0 – 2.5.20. An attacker could exploit one of these vulnerabilities to take control of an affected system. The current version, Struts 2.5.22, is not affected.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) advises that Microsoft has released security updates to address two vulnerabilities – CVE-2020-1380 and CVE-2020-1464 – that are being actively exploited. CVE-2020-1380 is a remote code execution vulnerability affecting Internet Explorer 11, and CVE-2020-1464 is a spoofing vulnerability that affects multiple Windows products. An attacker could exploit these vulnerabilities to take control of an affected system.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has published a new alert advising it is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.
SAP has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. This includes a cross-site scripting vulnerability (CVE-2020-6284) in NetWeaver (Knowledge Management). CISA encourages users and administrators to review the SAP Security Notes and apply the necessary updates.
CISA has published an advisory on a classic buffer overflow vulnerability in Siemens SCALANCE and RUGGEDCOM. For RUGGEDCOM RM1224, all versions prior to 6.3 are affected. For SCALANCE M-800 / S615, all versions prior to 6.3 are affected. Successful exploitation of this vulnerability could allow an attacker to gain unauthenticated access to a device and cause a buffer overflow to execute custom code. Siemens recommends applying the updates available for each of the products. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on a synchronous access of remote resource without timeout vulnerability in Tridium Niagara. For Niagara, versions 4.6.96.28, 4.7.109.20, 4.7.110.32, and 4.8.0.110 are affected. For Niagara Enterprise Security, versions 2.4.31, 2.4.45, and 4.8.0.35 are affected. Successful exploitation of this vulnerability could result in a denial-of-service condition. Tridium has released updates that mitigate this vulnerability. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on improper authentication and path traversal vulnerabilities in Yokogawa CENTUM. Multiple products and versions of the products are affected. Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to send tampered communication packets or create/overwrite any file and run any commands. Yokogawa recommends a series of mitigation measures. CISA also recommends a series of measures to mitigate the vulnerabilities.
CISA has published an advisory on a path traversal vulnerability in Schneider Electric APC Easy UPS On-Line. SFAPV9601 v2.0 and earlier are affected. Successful exploitation of the vulnerability could lead to remote code execution. Schneider Electric recommends users of versions below v2.1 to update to the latest version as soon as possible. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
CISA has published an advisory on a TOCTOU race condition vulnerability in Siemens SIMATIC and SIMOTICS. All versions of SIMATIC RF350M and RF650M and SIMOTICS CONNECT 400 are affected. Successful exploitation of this vulnerability could allow an attacker to read a discrete set of traffic over the air after a Wi-Fi device state change. Siemens has identified specific workarounds and mitigations users can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability.
CISA has published an advisory on a code injection vulnerability in Siemens Desigo CC. For Desigo CC and Desigo CC Compact, versions 3.x and 4.x are affected. Successful exploitation of this vulnerability could allow an attacker to gain remote code execution on the server with SYSTEM privileges. Siemens has released patches for the affected products and recommends specific countermeasures for unpatched systems. CISA also recommends a series of measures to mitigate the vulnerability.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
