Skip to main content

Security Bulletin

20 May 2025
Biztonsági szemle

Schneider Electric Modicon Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon Controllers M241/M251/M258/LMC058 Vulnerability: Externally Controlled Reference to a Resource in Another...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

Schneider Electric PrismaSeT Active - Wireless Panel Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PrismaSeT Active - Wireless Panel Server Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

Assured Telematics Inc (ATI) Fleet Management System with Geotab Integration

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Assured Telematics Inc. Equipment: Fleet Management System Vulnerabilities: Exposure of Sensitive System Information to an Unauthorized Control...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

ABUP IoT Cloud Platform

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/Low attack complexity Vendor: ABUP Equipment: ABUP Internet of Things (IoT) Cloud Platform Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION Successful...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

AutomationDirect MB-Gateway

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: MB-Gateway Vulnerability: Missing Authentication For Critical Function 2. RISK EVALUATION Successful exploitation of...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Execution with...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

Vertiv Liebert RDU101 and UNITY

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vertiv Equipment: Liebert RDU101 and Liebert UNITY Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Stack-based Buffer...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

Danfoss AK-SM 8xxA Series

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Danfoss Equipment: AK-SM 8xxA Series Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could enable a remote...
cisa.gov
Read more
20 May 2025
Biztonsági szemle

ISC Stormcast For Tuesday, May 20th, 2025 https://isc.sans.edu/podcastdetail/9458, (Tue, May 20th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
isc.sans.edu
Read more
<p>(Credit: Bilal Ulker &#8211; stock.adobe.com)</p>
19 May 2025
Biztonsági szemle

Crawlomatic WordPress plugin patched for critical 9.8 RCE flaw

Arbitrary file upload is made possible by a missing file type validation.
scmagazine.com
Read more
Dark Reading
19 May 2025
Biztonsági szemle

'Operation RoundPress' Targets Ukraine in XSS Webmail Attacks

A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-phishing attacks that exploit XSS vulnerabilities.
darkreading.com
Read more
futuristic cloud computing concept. glowing cloud symbol with medical cross on a digital circuit board background. ideal for technology, healthcare, and data security projects.
19 May 2025
Biztonsági szemle

Serviceaide data breach exposed info of 483K Catholic Health patients

Incident underscores impact of third-party breaches on health organizations, security experts say.
scmagazine.com
Read more
Language
Audience