View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could allow remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Delta Electronics products are affected: InfraSuite Device Master: Versions… Read more

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk Historian SE Vulnerabilities: Missing Release of Resource after Effective Lifetime, Improper Check or Handling of Exceptional Conditions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS… Read more

Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), together with CISA, the Canadian Centre for Cyber Security (CCCS), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and the New Zealand National Cyber Security Centre (NCSC-NZ) are releasing the following guidance: Secure by Design Choosing Secure and Verifiable Technologies. This guidance was crafted… Read more

Post Content Read more

Post Content Read more

CISA released two Industrial Control Systems (ICS) advisories on May 07, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-128-01 PTC Codebeamer ICSA-24-128-02 SUBNET Substation Server CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Read more

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: Codebeamer Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject malicious code in the application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PTC Codebeamer, an application lifecycle management… Read more

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: Substation Server Vulnerabilities: Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities in components used by Substation Server could allow privilege escalation, denial-of-service, or arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS SUBNET… Read more

Market Drivers Cloud Adoption In 2023, 98% of organizations surveyed by the Identity Defined Security Alliance responded that they had witnessed an increase in number of identities they needed to manage, and 78% of executives responded their organizations had adopted cloud in most, if not all parts of their business. Both markers can be indicative… Read more

Post Content Read more