Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
[github.com/treeverse/lakefs] Re-creating a deleted user in lakeFS will re-enable previous user credentials that existed prior to its deletion
Description: Impact Existing lakeFS users who have issued credentials to users who have been deleted. Creating a new user with the same username, that user will inherit all of the previous user's credentials lakeFS needs to delete user credentials upon user deletion. Patches Has the problem been patched? What versions should users upgrade to? Workarounds A possible workaround will be not to reuse usernames that were previously deleted References Are there any links users can visit to find out more? References https://github.com/treeverse/lakeFS/security/advisories/GHSA-hh33-46q4-hwm2 https://nvd.nist.gov/vuln/detail/CVE-2024-43784 https://github.com/treeverse/lakeFS/releases/tag/v1.33.0 https://github.com/advisories/GHSA-hh33-46q4-hwm2
Source: Github Advisory Database (Go)
November 27th, 2024 (5 months ago)
[github.com/cri-o/cri-o] CRI-O: Maliciously structured checkpoint file can gain arbitrary node access
Description: Impact Patches 1.31.1, 1.30.6, 1.29.8 Workarounds set enable_criu_support = false References Are there any links users can visit to find out more? References https://github.com/cri-o/cri-o/security/advisories/GHSA-7p9f-6x8j-gxxp https://nvd.nist.gov/vuln/detail/CVE-2024-8676 https://github.com/cri-o/cri-o/commit/e8e7dcb7838d11b5157976bf3e31a5840bb77de7 https://access.redhat.com/security/cve/CVE-2024-8676 https://bugzilla.redhat.com/show_bug.cgi?id=2313842 https://github.com/advisories/GHSA-7p9f-6x8j-gxxp
Source: Github Advisory Database (Go)
November 27th, 2024 (5 months ago)
[tecnickcom/tcpdf] TCPDF Local File Inclusion vulnerability
Description: Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through src tag, potentially exposing sensitive information. References https://nvd.nist.gov/vuln/detail/CVE-2024-51058 https://github.com/tecnickcom/TCPDF/commit/bfa7d2b6d455ebf72ebe3d48fbd487ee5a1f6f3b https://github.com/saravana-hackz/vulnerability-research/tree/main/CVE-2024-51058 https://github.com/tecnickcom/TCPDF https://github.com/advisories/GHSA-rmv2-8jjc-23xw
Source: Github Advisory Database (Composer)
November 27th, 2024 (5 months ago)
CISA Releases Six Industrial Control Systems Advisories
Description: CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-331-01 Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC ICSA-24-331-02 Schneider Electric PowerLogic P5 ICSA-24-331-03 Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs ICSA-24-331-04 Hitachi Energy MicroSCADA Pro/X SYS600 ICSA-24-331-05 Hitachi Energy RTU500 Scripting Interface ICSMA-24-200-01 Philips Vue PACS (Update A) CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
Source: All CISA Advisories
November 27th, 2024 (5 months ago)
Hitachi Energy RTU500 Scripting Interface
Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: RTU500 Scripting Interface Vulnerability: Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow attackers to spoof the identity of the service. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Hitachi Energy are affected: RTU500 Scripting Interface: Version 1.0.1.30 RTU500 Scripting Interface: Version 1.0.2 RTU500 Scripting Interface: Version 1.1.1 RTU500 Scripting Interface: Version 1.2.1 RTU500 Scripting Interface: All versions 3.2 Vulnerability Overview 3.2.1 IMPROPER CERTIFICATE VALIDATION CWE-295 Hitachi Energy is aware of a reported vulnerability in the RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a certification authority (CA), allowing the client to validate that the remote service can be trusted and is not malicious. If the client does not validate the parameters of the certificate, then attackers could be able to spoof the identity of the service. CVE-2023-1514 has been assigned to this vulnerability. A CVSS v3 base score of 7.4 has been assigned; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Energy, Water and Wastewater Systems COUNTRIES/AREAS DEPLOYED: Wor...
Source: All CISA Advisories
November 27th, 2024 (5 months ago)
Schneider Electric PowerLogic P5
Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: PowerLogic P5 Vulnerability: Use of a Broken or Risky Cryptographic Algorithm 2. RISK EVALUATION If an attacker has physical access to the device, it is possible to reboot the device, cause a denial of service condition, or gain full control of the relay by abusing a specially crafted reset token. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports the following products are affected: Schneider Electric PowerLogic P5: Versions 01.500.104 and prior 3.2 Vulnerability Overview 3.2.1 USE OF A BROKEN OR RISKY CRYPTOGRAPHIC ALGORITHM CWE-327 A vulnerability exists, which could cause denial of service, a device reboot, or an attacker to gain full control of the relay. When a specially-crafted reset token is entered into the front panel of the device, an exploit exists due to the device's utilization of a risky cryptographic algorithm. CVE-2024-5559 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been assigned; the CVSS vector string is (CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H). 3.3 BACKGROUND CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing COUNTRIES/AREAS DEPLOYED: Worldwide COMPANY HEADQUARTERS LOCATION: France 3.4 RESEARCHER Schneider Electric CPCERT reported this vulnerability to CISA. 4. MITIGATIONS Schneider Electric has identified the following specific workarounds and mitigations users can apply to r...
Source: All CISA Advisories
November 27th, 2024 (5 months ago)
Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC
Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PowerLogic PM5500 and PowerLogic PM8ECC Vulnerabilities: Weak Password Recovery Mechanism for Forgotten Password, Improper Authentication 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result in an attacker gaining escalated privileges and obtaining control of the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of PowerLogic PM55xx power metering devices and PowerLogic PM8ECC ethernet communication module are affected: PM5560: Versions prior to v2.7.8 PM5561: Versions prior to v10.7.3 PM5562: v2.5.4 and prior PM5563: Versions prior to v2.7.8 PM8ECC: All versions 3.2 Vulnerability Overview 3.2.1 WEAK PASSWORD RECOVERY MECHANISM FOR FORGOTTEN PASSWORD CWE-640 The affected product is vulnerable due to weak password recovery mechanisms, which may allow an attacker to gain unauthorized access and potentially deny service to legitimate system users. CVE-2021-22763 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). A CVSS v4 score has also been calculated for CVE-2021-22763. A base score of 9.5 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H). 3.2.2 IMPROPER AUTHENTICATION CWE-287 The affected product is vulnerable ...
Source: All CISA Advisories
November 27th, 2024 (5 months ago)
Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs
Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert and Modicon M340, M580 and M580 Safety PLCs Vulnerabilities: Improper Enforcement of Message Integrity During Transmission in a Communication Channel, Use of Hard-coded Credentials, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a denial of service, a loss of confidentiality, and threaten the integrity of controllers. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Schneider Electric products are affected: Modicon M340 CPU (part numbers BMXP34*): Versions prior to sv3.60 (CVE-2023-6408) Modicon M580 CPU (part numbers BMEP* and BMEH* excluding M580 CPU Safety): Versions prior to SV4.20 (CVE-2023-6408) Modicon M580 CPU Safety: Versions prior to SV4.21 (CVE-2023-6408) EcoStruxure Control Expert: Versions prior to v16.0 EcoStruxure Process Expert: Versions prior to v2023 Modicon MC80 (part numbers BMKC80): All versions (CVE-2023-6408) Modicon Momentum Unity M1E Processor (171CBU*): All versions (CVE-2023-6408) 3.2 Vulnerability Overview 3.2.1 IMPROPER ENFORCEMENT OF MESSAGE INTEGRITY DURING TRANSMISSION IN A COMMUNICATION CHANNEL CWE-924 An improper enforcement of message integrity during transmission in a communication channel vulnerability exists that could cause a denial of service, a loss of confidentiality, and threaten the i...
Source: All CISA Advisories
November 27th, 2024 (5 months ago)
Hitachi Energy MicroSCADA Pro/X SYS600
Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Improper Neutralization of Special Elements in Data Query Logic, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Authentication Bypass by Capture-replay, Missing Authentication for Critical Function, URL Redirection to Untrusted Site ('Open Redirect') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject code towards persistent data, manipulate the file system, hijack a session, or engage in phishing attempts against users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.0 to Version 10.5 (CVE-2024-4872, CVE-2024-3980, CVE-2024-3982, CVE-2024-7941) Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.2 to Version 10.5 (CVE-2024-7940) Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.5 (CVE-2024-7941) Hitachi Energy MicroSCADA Pro/X SYS600: Version 9.4 FP1 (CVE-2024-3980) Hitachi Energy MicroSCADA Pro/X SYS600: Version 9.4 FP2 HF1 to Version 9.4 FP2 HF5 (CVE-2024-4872, CVE-2024-3980) 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS IN DATA QUERY LOGIC CWE-943 A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker ...
Source: All CISA Advisories
November 27th, 2024 (5 months ago)
Analysis of Elpaco: a Mimic variant
Description: Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI.
Source: Unknown Source
November 27th, 2024 (5 months ago)