Blog Posts Tagged with "Advisory"

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: MICROSYS PROMOTIC Vulnerability POC

April 13, 2012 Added by:Infosec Island Admin

Researcher Luigi Auriemma identified and released proof of concept code (POC) for a use after free vulnerability in the MICROSYS, spol. s r.o. PROMOTIC application wgich may result in adverse conditions ranging from the corruption of valid data to the execution of arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Siemens Scalence S Multiple Vulnerabilities

April 12, 2012 Added by:Infosec Island Admin

Siemens has reported two security vulnerabilities in the Scalance S Security Module firewall - a brute-force credential guessing vulnerability in the web configuration and a stack-based buffer overflow vulnerability in the Profinet DCP protocol stack...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: ABB Multiple Components Buffer Overflow

April 11, 2012 Added by:Infosec Island Admin

Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: 3S-Software CoDeSys Improper Access Control

April 10, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of improper access control vulnerability affecting 3S-Software CoDeSys which could allow an attacker can upload unauthenticated configuration changes to the PLC which may include arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Wago IPC Multiple Vulnerabilities

April 09, 2012 Added by:Infosec Island Admin

Multiple vulnerabilities affecting the WAGO IPC 758-870, which is an embedded Linux programmable logic controller (PLC)could allow an attacker to gain unauthorized access or to make unauthenticated configuration changes, which may include arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: ABB WebWare Server Buffer Overflow

April 06, 2012 Added by:Infosec Island Admin

Researchers have identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application which if exploited could lead to a denial-of-service for the application and privilege escalation or could allow an attacker to execute arbitrary code...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Server Multiple Vulnerabilities

April 04, 2012 Added by:Infosec Island Admin

Researchers have identified multiple vulnerabilities in the Invensys Wonderware Information Server which if exploited could allow denial of service, information disclosure, remote code execution, or session credential high jacking. Invensys has developed a security update...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Invensys Wonderware Buffer Overflow Vulnerability

April 02, 2012 Added by:Infosec Island Admin

Researchers identified two buffer overflow vulnerabilities in the WWCabFile component of the Wonderware System Platform, and successful exploitation of these vulnerabilities will cause a buffer overflow that may allow remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

March 29, 2012 Added by:Infosec Island Admin

Researchers have identified two vulnerabilities that may result in a denial-of-service (DoS) condition in the Rockwell Automation FactoryTalk (FT) application which if successfully exploited may result in a Denial of Service condition...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Ecava IntegraXor Path Traversal Vulnerability

March 26, 2012 Added by:Infosec Island Admin

Researchers Billy Rios and Terry McCorkle have identified a Path Traversal vulnerability when a specially crafted HTML document is opened on the Ecava IntegraXor server. Successful exploitation could allow file manipulation or arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Increasing Threat to Industrial Control Systems

March 21, 2012 Added by:Infosec Island Admin

ICS-CERT is monitoring an increase in a combination of threats that increase the risk of control systems attacks. These include Internet accessible ICS configurations, vulnerability and exploit tool releases, and increased interest and activity by hacktivist groups and others...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Windows Remote Desktop Protocol Vulnerability

March 20, 2012 Added by:Infosec Island Admin

ICS-CERT is aware of a public report of a Remote Desktop Protocol (RDP) vulnerability, which with successful exploitation in the control systems environment could lead to system processes freezing and potentially allow remote code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Proficy Historian Data Advisory

March 15, 2012 Added by:Infosec Island Admin

ICS-CERT received a report from GE Intelligent Platforms concerning a memory corruption vulnerability in the GE Intelligent Platforms Proficy Historian Data Archiver could allow an attacker to cause the service to crash, and may lead to arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: GE Intelligent Platforms Proficy Plant Vulnerability

March 14, 2012 Added by:Infosec Island Admin

ICS-CERT received a report concerning multiple memory corruption vulnerabilities in the GE Intelligent Platforms Proficy Plant Applications which could allow an attacker to cause multiple Proficy services to crash, which may lead to arbitrary code execution...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Solar Flare Disruption Advisory

March 09, 2012 Added by:Infosec Island Admin

The resulting geomagnetic storms can cause aurora at low latitudes and disrupt satellite and high frequency radio communication, GPS, and power grids. ICS-CERT requests that any issues affecting control systems in critical infrastructure environments be reported...

Comments  (2)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: Robot Communication Runtime Buffer Overflow

March 05, 2012 Added by:Infosec Island Admin

A buffer overflow vulnerability in the Robot Communication Runtime software used to communicate with IRC5, IRC5C, and IRCP robot controllers could allow an attacker to cause a denial of service and potentially execute remote code with administrator privileges...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »
Most Liked