CyberAlerts

Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs

Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert and Modicon M340, M580 and M580 Safety PLCs Vulnerabilities: Improper Enforcement of Message Integrity During Transmission in a Communication Channel, Use of Hard-coded Credentials, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a denial of service, a loss of confidentiality, and threaten the integrity of controllers. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Schneider Electric products are affected: Modicon M340 CPU (part numbers BMXP34*): Versions prior to sv3.60 (CVE-2023-6408) Modicon M580 CPU (part numbers BMEP* and BMEH* excluding M580 CPU Safety): Versions prior to SV4.20 (CVE-2023-6408) Modicon M580 CPU Safety: Versions prior to SV4.21 (CVE-2023-6408) EcoStruxure Control Expert: Versions prior to v16.0 EcoStruxure Process Expert: Versions prior to v2023 Modicon MC80 (part numbers BMKC80): All versions (CVE-2023-6408) Modicon Momentum Unity M1E Processor (171CBU*): All versions (CVE-2023-6408) 3.2 Vulnerability Overview 3.2.1 IMPROPER ENFORCEMENT OF MESSAGE INTEGRITY DURING TRANSMISSION IN A COMMUNICATION CHANNEL CWE-924 An improper enforcement of message integrity during transmission in a communication channel vulnerability exists that could cause a denial of service, a loss of confidentiality, and threaten the i...

Source: All CISA Advisories

November 27th, 2024 (5 months ago)

Hitachi Energy MicroSCADA Pro/X SYS600

Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Improper Neutralization of Special Elements in Data Query Logic, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Authentication Bypass by Capture-replay, Missing Authentication for Critical Function, URL Redirection to Untrusted Site ('Open Redirect') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject code towards persistent data, manipulate the file system, hijack a session, or engage in phishing attempts against users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.0 to Version 10.5 (CVE-2024-4872, CVE-2024-3980, CVE-2024-3982, CVE-2024-7941) Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.2 to Version 10.5 (CVE-2024-7940) Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.5 (CVE-2024-7941) Hitachi Energy MicroSCADA Pro/X SYS600: Version 9.4 FP1 (CVE-2024-3980) Hitachi Energy MicroSCADA Pro/X SYS600: Version 9.4 FP2 HF1 to Version 9.4 FP2 HF5 (CVE-2024-4872, CVE-2024-3980) 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS IN DATA QUERY LOGIC CWE-943 A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker ...

Source: All CISA Advisories

November 27th, 2024 (5 months ago)

Analysis of Elpaco: a Mimic variant

Description: Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI.

Source: Unknown Source

November 27th, 2024 (5 months ago)

Consumer and privacy predictions for 2025

Description: Kaspersky experts look back on their expectations about the 2024 privacy and consumer cyberthreats trends and try to predict what to expect in 2025.

Source: Unknown Source

November 27th, 2024 (5 months ago)

My Car Knows My Secrets, and I'm (Mostly) OK With That

Description: Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision.

Source: Dark Reading

November 27th, 2024 (5 months ago)

CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce

Description: Findings reveal growing cybersecurity risks in ecommerce, exposing vulnerabilities in PII handling and lack of basic security protections like HTTPS and WAFs

Source: Dark Reading

November 27th, 2024 (5 months ago)

CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls

Description: Protection ranged from 0.38% to 50.57% for security effectiveness.

Source: Dark Reading

November 27th, 2024 (5 months ago)

OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts

Description: Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.

Source: Dark Reading

November 27th, 2024 (5 months ago)

AWS Rolls Out Updates to Amazon Cognito

Description: Amazon Web Services' identity and access management platform has added new features that help developers implement secure, scalable, and customizable authentication solutions for their applications.

Source: Dark Reading

November 27th, 2024 (5 months ago)

Salt Typhoon Builds Out Malware Arsenal With GhostSpider

Description: The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.

Source: Dark Reading

November 27th, 2024 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340, M580 and M580 Safety PLCs Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert and Modicon M340, M580 and M580 Safety PLCs Vulnerabilities: Improper Enforcement of Message Integrity During Transmission in a Communication Channel, Use of Hard-coded Credentials, Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a denial of service, a loss of confidentiality, and threaten the integrity of controllers. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Schneider Electric products are affected: Modicon M340 CPU (part numbers BMXP34): Versions prior to sv3.60 (CVE-2023-6408) Modicon M580 CPU (part numbers BMEP and BMEH* excluding M580 CPU Safety): Versions prior to SV4.20 (CVE-2023-6408) Modicon M580 CPU Safety: Versions prior to SV4.21 (CVE-2023-6408) EcoStruxure Control Expert: Versions prior to v16.0 EcoStruxure Process Expert: Versions prior to v2023 Modicon MC80 (part numbers BMKC80): All versions (CVE-2023-6408) Modicon Momentum Unity M1E Processor (171CBU*): All versions (CVE-2023-6408) 3.2 Vulnerability Overview 3.2.1 IMPROPER ENFORCEMENT OF MESSAGE INTEGRITY DURING TRANSMISSION IN A COMMUNICATION CHANNEL CWE-924 An improper enforcement of message integrity during transmission in a communication channel vulnerability exists that could cause a denial of service, a loss of confidentiality, and threaten the i... Source: All CISA Advisories November 27th, 2024 (5 months ago)
	Hitachi Energy MicroSCADA Pro/X SYS600 Description: View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA Pro/X SYS600 Vulnerabilities: Improper Neutralization of Special Elements in Data Query Logic, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Authentication Bypass by Capture-replay, Missing Authentication for Critical Function, URL Redirection to Untrusted Site ('Open Redirect') 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to inject code towards persistent data, manipulate the file system, hijack a session, or engage in phishing attempts against users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.0 to Version 10.5 (CVE-2024-4872, CVE-2024-3980, CVE-2024-3982, CVE-2024-7941) Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.2 to Version 10.5 (CVE-2024-7940) Hitachi Energy MicroSCADA Pro/X SYS600: Version 10.5 (CVE-2024-7941) Hitachi Energy MicroSCADA Pro/X SYS600: Version 9.4 FP1 (CVE-2024-3980) Hitachi Energy MicroSCADA Pro/X SYS600: Version 9.4 FP2 HF1 to Version 9.4 FP2 HF5 (CVE-2024-4872, CVE-2024-3980) 3.2 Vulnerability Overview 3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS IN DATA QUERY LOGIC CWE-943 A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker ... Source: All CISA Advisories November 27th, 2024 (5 months ago)
	Analysis of Elpaco: a Mimic variant Description: Kaspersky experts describe an Elpaco ransomware sample, a Mimic variant, which abuses the Everything search system for Windows and provides custom features via a GUI. Source: Unknown Source November 27th, 2024 (5 months ago)
	Consumer and privacy predictions for 2025 Description: Kaspersky experts look back on their expectations about the 2024 privacy and consumer cyberthreats trends and try to predict what to expect in 2025. Source: Unknown Source November 27th, 2024 (5 months ago)
	My Car Knows My Secrets, and I'm (Mostly) OK With That Description: Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision. Source: Dark Reading November 27th, 2024 (5 months ago)
	CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce Description: Findings reveal growing cybersecurity risks in ecommerce, exposing vulnerabilities in PII handling and lack of basic security protections like HTTPS and WAFs Source: Dark Reading November 27th, 2024 (5 months ago)
	CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls Description: Protection ranged from 0.38% to 50.57% for security effectiveness. Source: Dark Reading November 27th, 2024 (5 months ago)
	OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts Description: Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site. Source: Dark Reading November 27th, 2024 (5 months ago)
	AWS Rolls Out Updates to Amazon Cognito Description: Amazon Web Services' identity and access management platform has added new features that help developers implement secure, scalable, and customizable authentication solutions for their applications. Source: Dark Reading November 27th, 2024 (5 months ago)
	Salt Typhoon Builds Out Malware Arsenal With GhostSpider Description: The APT, aka Earth Estries, is one of China's most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected. Source: Dark Reading November 27th, 2024 (5 months ago)