You are here

Home » Cybersecurity

Cybersecurity

Ripple20 Vulnerabilities Affecting Treck IP Stacks

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) reports it is aware of multiple vulnerabilities, known as Ripple20, affecting Treck IP stack implementations for embedded systems. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following products for additional information and mitigations, and update to the latest stable version of Treck IP stack software (6.0.1.67 or later).

Vulnerability Awareness – Recent SMB Vulnerabilities

Last Tuesday, Microsoft patched multiple vulnerabilities in SMB (Server Message Block), the protocol used to facilitate the sharing of files, printers and serial ports between computers; two in SMB v3, and one in SMB v1. The vulnerabilities have been given catchy names, SMBleed and SMBLost, respectively. Cybersecurity firm Tenable has posted a technical summary on the concerns of each. Regarding SMBleed (CVE-2020-1206), the biggest concern is related to a prior patch for “SMBGhost” (CVE-2020-0796) in March for the same feature of SMB v3. SMBleed is an information disclosure vulnerability.

OSIsoft PI Web API 2019 (ICSA-20-163-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a cross-site scripting vulnerability in OSIsoft PI Web API 2019. PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions are affected. Successful exploitation of this vulnerability could allow a remote authenticated attacker with write access to a PI Server to trick a user into interacting with a PI Web API endpoint that executes arbitrary JavaScript in the user’s browser, resulting in view, modification, or deletion of data as allowed for by the victim’s user permissions.

FBI IC3 Releases Alert on Mobile Banking Apps

The FBI’s Internet Crime Complaint Center (IC3) has released an alert warning consumers of cyber risks associated with mobile banking apps. As more consumers rely on mobile apps for banking, malicious cyber actors are likely to increasingly target them with app-based banking Trojans and fake banking apps. The alert discusses the kinds of malicious that have been observed and that are likely to occur and offers tips for individuals to protect themselves and their organizations. Additionally, with the release of this advisory the U.S.

Siemens SINUMERIK (ICSA-20-161-06) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on buffer underflow, heap-based buffer overflow, improper initialization, out-of-bounds read, stack-based buffer overflow, access of memory location after end of buffer, off-by-one error, improper null termination, and improper initialization vulnerabilities in Siemens SINUMERIK products. The vulnerabilities affect numerous versions of SINUMERIK products. Successful exploitation of these vulnerabilities could allow remote code execution, information disclosure, and denial-of-service attacks under certain conditions.

Siemens LOGO! (ICSA-20-161-03) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a missing authentication for critical function vulnerability in Siemens LOGO! All versions of LOGO!8 BM (including SIPLUS variants) are affected. Successful exploitation of this vulnerability could allow an attacker to read and modify device configurations and obtain project files from affected devices. Siemens recommends applying defense-in-depth concepts, including the protection concept outlined in the system manual. CISA also recommends a series of measures to mitigate the vulnerability.

Advantech WebAccess Node (ICSA-20-161-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a stack-based buffer overflow vulnerability in Advantech WebAccess Node. Versions 8.4.4 and prior are affected. Successful exploitation of this vulnerability could crash the application being accessed; a buffer overflow condition may allow remote code execution. Advantech has released a patch to address the reported vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Microsoft Releases June 2020 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Microsoft Edge (EdgeHTML and Chromium-based in IE Mode), ChakraCore, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, Windows Defender, Microsoft Dynamics, Visual Studio, Azure DevOps, HoloLens, Adobe Flash Player, Apps for Android, Windows App Store, System Center, and Android Center.

Pages

Subscribe to Cybersecurity