Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of November 13 - 19. Sign up to get these updates right to your inbox!

NOVEMBER 17, 2022

Red Lion Controls Crimson

Red Lion Controls Crimson contains a path traversal vulnerability that could lead to an attacker obtaining user credential hashes.

Sources: Red Lion Security Updates, CISA

Cradlepoint IBR600

Cradlepoint IBR600 contains a command injection vulnerability that could allow an attacker to achieve code execution and run native system commands.

Sources: Cradlepoint Release Notes, CISA

CSA about Hive ransomware

CISA, the FBI and the Department of Health and Human Services (HHS) released a joint CSA that explains to network defenders the tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) associated with Hive ransomware variants.

Sources: CSA Hive Ransomware, CISA

NOVEMBER 16, 2022

CSA compromised federal network

CISA and the FBI published a Joint Cybersecurity Advisory (CSA) that explains how Iranian government-sponsored APT actors exploited a Log4Shell vulnerability in an unpatched VMware Horizon server.

Sources: Joint CSA, CISA

Mozilla Thunderbird 102.5, Firefox ESR 102.5 and Firefox 107

Mozilla Thunderbird 102.5, Firefox ESR 102.5 and Firefox 107 contain vulnerabilities that could lead to user confusion or spoofing attacks.

Sources: Thunderbird, Firefox ESR, Firefox, CISA

Cisco Identity Services Engine

Cisco released security updates for Cisco Identity Services Engine (ISE) to address vulnerabilities that could lead to private files being accessed.

Sources: Cisco Advisory, CISA

Multiple versions of Samba

Multiple versions of Samba contain vulnerabilities that could lead to an attacker gaining control of affected systems.

Sources: Samba Security Releases, CISA

NOVEMBER 15, 2022

Mitsubishi Electric GT SoftGOT2000

Mitsubishi Electric GT SoftGOT2000 contains an operating system (OS) command injection vulnerability that could lead to the execution of malicious OS commands.

Sources: Mitsubishi Electric Advisory, CISA

NOVEMBER 14, 2022

CISA added one vulnerability to its Known Exploited Vulnerabilities Catalog

CISA added one vulnerability to its Known Exploited Vulnerabilities Catalog, a listing of vulnerabilities that are actively being exploited in the wild.

Sources: Known Exploited Vulnerabilities Catalog, CISA
