
Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of September 25 - October 1. Sign up to get these updates right to your inbox!

SEPTEMBER 30, 2022

Microsoft Guidance on zero-day vulnerabilities

Microsoft released a guide on zero-day vulnerabilities in Microsoft Exchange Server.

Sources: Microsoft Guidance, CISA

Mozilla Thunderbird 102.3.1

Mozilla released a security update for Thunderbird to address vulnerabilities that could allow an attacker to gain control of affected systems.

Sources: Mozilla Thunderbird Advisory, CISA

Drupal SA-CORE-2022-016

Drupal released security updates to address vulnerabilities in multiple versions of Drupal that could allow an attacker to obtain sensitive information.

Sources: Drupal Security Advisory, CISA

SEPTEMBER 29, 2022

Hitachi Energy MicroSCADA Pro/X SYS600

Hitachi Energy MicroSCADA Pro/X SYS600 contains improper input validation, improper privilege management, improper access control and improper handling of unexpected data type vulnerabilities that could lead to a denial-of-service condition.

Sources: Hitachi Energy Support, CISA, Hitachi Energy Advisory

Baxter Sigma Spectrum Infusion Pump

Baxter Sigma Spectrum Infusion Pump contains missing encryption of sensitive data, use of externally controlled format string and missing authentication for critical function vulnerabilities that could lead to an attacker gaining access to sensitive data and alteration of system configuration.

Sources: Baxter Product Security Bulletin, CISA

ARC Informatique PcVue

ARC Informatique PcVue contains a cleartext storage of sensitive information vulnerability that could lead to access to the OAuth web service database.

Sources: Maintenance Release, CISA

Delta Electronics DOPSoft update A

Delta Electronics DOPSoft contains an out-of-bounds read vulnerability that could lead to an attacker obtaining sensitive information.

Sources: Delta Electronics Update, CISA

Delta Electronics DOPSoft update B

Delta Electronics DOPSoft contains an out-of-bounds read vulnerability that could lead to arbitrary code execution and information disclosure.

Sources: Delta Electronics Update, CISA

VMware, Protecting vSphere From Specialized Malware

VMware released Protecting vSphere From Specialized Malware, which explains VirtualPITA (ESXi & Linux), VirtualPIE (ESXi) and VirtualGATE (Windows).

Sources: Protecting vSphere From Specialized Malware, CISA

SEPTEMBER 27, 2022

Hitachi Energy AFS660/AFS665

Hitachi Energy AFS660/AFS665 contains an improper input validation vulnerability that could allow an attacker to overflow an internal buffer and fully compromise the target device.

Sources: Hitachi Advisory, CISA

Hitachi Energy Lumada Asset Performance Management (APM) Edge

Hitachi Energy Lumada Asset Performance Management (APM) Edge contains out-of-bounds write and improper authentication vulnerabilities that could lead to an escalation of privileges from a user account to root.

Sources: Hitachi Energy Advisory, CISA

Rockwell Automation ThinManager ThinServer

Rockwell Automation ThinManager ThinServer contains a heap-based buffer overflow vulnerability that could lead to the software crashing; a buffer overflow condition may allow remote code execution.

Sources: Rockwell Automation Security Advisory, CISA
