Skip to main content

Security Bulletin

1 Aug 2024
Biztonsági szemle

Vonets WiFi Bridges

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vonets Equipment: VAR1200-H, VAR1200-L, VAR600-H, VAP11AC, VAP11G-500S, VBG1200, VAP11S-5G, VAP11S, VAR11N-300, VAP11G-300, VAP11N-300, VAP11G...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

Johnson Controls exacqVision Web Service

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: Johnson Controls, Inc. Equipment: exacqVision Web Service Vulnerability: Cross-Site Request Forgery (CSRF) 2. RISK EVALUATION Successful exploitation of this...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

Johnson Controls exacqVision Web Service

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls, Inc. Equipment: Web Service Vulnerability: Use of GET Request Method With Sensitive Query Strings 2. RISK EVALUATION Successful...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

Rockwell Automation Logix Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix, GuardLogix, and 1756 ControlLogix I/O Modules Vulnerability: Unprotected Alternate Channel 2. RISK...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

Johnson Controls exacqVision Client and exacqVision Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.0 ATTENTION: Exploitable remotely Vendor: Johnson Controls Inc. Equipment: exacqVision Client, exacqVision Server key Vulnerability: Inadequate Encryption Strength 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

Johnson Controls exacqVision Web Service

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.4 ATTENTION: Exploitable remotely Vendor: Johnson Controls, Inc. Equipment: exacqVision Web Service Vulnerability: Cleartext Transmission of Sensitive Information 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

AVTECH IP Camera

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: AVTECH SECURITY Corporation Equipment: IP camera Vulnerability: Command Injection 2. RISK...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems (ICS) advisories on August 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-214-01 Johnson Controls exacqVision...
cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

CISA Releases Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle

cisa.gov
Read more
1 Aug 2024
Biztonsági szemle

ISC Stormcast For Thursday, August 1st, 2024 https://isc.sans.edu/podcastdetail/9078, (Thu, Aug 1st)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Read more
Featured image for {“vendor”:”ppworks”,”type”:”episode”,”id”:”3171″} podcast from PPWorks
1 Aug 2024
Biztonsági szemle

The Known Exploited Vulnerability catalogue, aka the KEV - Tod Beardsley - BTS #35

scmagazine.com
Read more
1 Aug 2024
Biztonsági szemle

Australian Companies Will Soon Need to Report Ransom Payments

Significant upcoming legislation promises to tighten the screws on cyber incident response in Australia, mirroring CIRCIA in the US.
darkreading.com
Read more
Language
Audience