Skip to main content

Security Bulletin

15 Aug 2024
Biztonsági szemle

Siemens SINEC Traffic Analyzer

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

Siemens Location Intelligence

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

AVEVA Historian Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: AVEVA Equipment: Historian Server Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

Siemens INTRALOG WMS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

Siemens LOGO! V8.3 BM Devices

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

Siemens COMOS

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see  Siemens' ProductCERT...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

PTC Kepware ThingWorx Kepware Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable from adjacent network. Vendor: PTC Equipment: Kepware ThingWorx Kepware Server Vulnerability: Allocation of Resources Without Limits or Throttling 2. RISK EVALUATION Successful...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-28986 SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are...
cisa.gov
Read more
15 Aug 2024
Biztonsági szemle

FBI and CISA Release Joint PSA, Just So You Know:  Ransomware Disruptions During Voting Periods Will Not Impact the Security and Resilience of Vote Casting or Counting

cisa.gov
Read more
<p>Credit: Adobe Stock Images</p>
15 Aug 2024
Biztonsági szemle

In the wake of the CrowdStrike outage, here’s a workable four-step patching strategy

The CrowdStrike incident highlighted the dangers of auto-updates – here’s how to set up a test lab for a patching strategy that will keep the organization safe.
scmagazine.com
Read more
15 Aug 2024
Biztonsági szemle

Wireshark 4.4.0rc1's Custom Columns, (Thu, Aug 15th)

In diary entry " A Wireshark Lua Dissector for Fixed Field Length Protocols", I show how to use a protocol dissector I wrote in Lua to parse TCP data.
isc.sans.edu
Read more
15 Aug 2024
Biztonsági szemle

ISC Stormcast For Thursday, August 15th, 2024 https://isc.sans.edu/podcastdetail/9098, (Thu, Aug 15th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Read more
Language
Audience