Industrial Cybersecurity Pulse
  • SUBSCRIBE
  • Threats & Vulnerabilities
  • Strategies
  • IIoT & Cloud
  • Education
  • Networks
  • IT/OT
  • Facilities
  • Regulations
  • Threats & Vulnerabilities
  • Strategies
  • IIoT & Cloud
  • Education
  • Networks
  • IT/OT
  • Facilities
  • Regulations
  • Resources
  • Helpful Links
  • Editorial Calendar
  • Advertise
  • Contribute
  • Content Partners
  • Contact Us
  • Privacy Policy
  • Terms and Conditions
SUBSCRIBE
  • Resources
  • Helpful Links
  • Editorial Calendar
  • Advertise
  • Contribute
Industrial Cybersecurity Pulse
Subscribe
Industrial Cybersecurity Pulse
  • Threats & Vulnerabilities
  • Strategies
  • IIoT & Cloud
  • Education
  • Networks
  • IT/OT
  • Facilities
  • Regulations

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of June 12 - 18. Sign up to get these updates right to your inbox!

June 16, 2022

Cisco

Cisco released security updates for multiple products due to vulnerabilities found that could lead to an attacker gaining control of affected systems.

Sources:

Cisco,

CISA

Siemens

CISA released 31 ICS advisories for Siemens products due to multiple different vulnerabilities.

Sources:

CISA

AutomationDirect

CISA released three ICS advisories for AutomationDirect products: DirectLOGIC with Ethernet, DirectLOGIC with Serial Communication and C-more EA9 HMI.

Sources:

C-more EA9 HMI,

DirectLOGIC with Serial Communication,

DirectLOGIC with Ethernet,

CISA

Hillrom Medical

Hillrom Medical Welch Allyn medical devices contain use of hard-coded password and improper access control vulnerabilities that could lead to an attacker compromising software security by executing commands, gaining privileges, reading sensitive information, evading detection…

Sources:

Hillrom,

CISA

June 14, 2022

Mitsubishi Electric

Mitsubishi Electric MELSEC-Q/L Series and iQ-R Series contain an improper input validation that could lead to a denial-of-service condition or allow remote code execution.

Sources:

Mitsubishi Electric,

CISA

Meridian Cooperative

Meridian contains an improper access control vulnerability that could lead to a disclosure of sensitive information.

Sources:

Meridian,

CISA

Johnson Controls

Johnson Controls Metasys ADS/ADX/OAS servers contain unverified password change and cross-site scripting vulnerabilities that could lead to unauthorized users compromising passwords and injecting malicious code into web interfaces.

Sources:

Johnson Controls,

CISA

Microsoft

Microsoft released security updates due to vulnerabilities found that could lead to an attacker gaining control of affected systems.

Sources:

Microsoft,

CISA

Citrix

Citrix released security updates due to vulnerabilities found in Application Delivery Management that could lead to an attacker gaining control of affected systems.

Sources:

Citrix,

CISA

SAP

SAP released security updates for multiple products due to vulnerabilities found that could lead to an attacker gaining control of affected systems.

Sources:

SAP,

CISA

Adobe

Adobe released security updates for multiple products due to vulnerabilities found that could lead to an attacker gaining control of affected systems.

Sources:

CISA,

Adobe InCopy,

Adobe Bridge

June 13, 2022

Drupal

Drupal released security updates due to a third-party vulnerability that may affect contributed projects or custom code on Drupal sites, which could lead to an attacker gaining control of affected websites.

Sources:

CISA,

Drupal

Posts navigation
SUBSCRIBE

GET ON THE BEAT

Keep your finger on the pulse of top industry news

SUBSCRIBE TODAY!
VULNERABILITY PULSE
  • Mitsubishi Electric - June 14, 2022
  • Meridian Cooperative - June 14, 2022
  • Johnson Controls - June 14, 2022
  • Microsoft - June 14, 2022
  • Citrix - June 14, 2022

RECENT NEWS

  • Protecting the power grid through cyber-physical threat response
  • How to secure Industry 4.0 in a highly connected world
  • Managing external connections to your operational technology (OT) environment
  • Webcast: Addressing Cybersecurity Challenges in Industry 4.0
  • How a desert water utility helped protect critical infrastructure

EDUCATION BEAT

Introduction to Cybersecurity within Cyber-Physical Systems

Cyber-physical systems serve as the foundation and the invention base of the modern society making them critical to both government and business.

REGISTER NOW!
HACKS & ATTACKS
  • Ron Brash Interview: Expert advice on finding the root of the ransomware problem
  • Throwback Attack: How the modest Bowman Avenue Dam became the target of Iranian hackers
  • Minimizing the REvil impact delivered via Kaseya servers
  • Key takeaways from 2020 ICS-CERT vulnerabilities
Industrial Cybersecurity Pulse

Copyright 2022 CFE Media and Technology.
All rights reserved.


BETA

Version 1.0

  • Content Partners
  • Contact Us
  • Privacy Policy
  • Terms and Conditions

Input your search keywords and press Enter.

By using this website, you agree to our use of cookies. This may include personalization of content and ads, and traffic analytics. Review our Privacy Policy for more information. ACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT