Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of March 5 - 11. Sign up to get these updates right to your inbox!

MARCH 10, 2023

Plex Media Server

Plex Media Server contains a remote code execution vulnerability that could allow a remote, authenticated attacker to execute arbitrary Python code.

Sources: NIST, CISA

XStream’s XStream

XStream's XStream contains a remote code execution vulnerability that could allow an attacker to manipulate the processed input stream and replace or inject objects, resulting in execution of a local command on the server.

Sources: CISA, NIST

MARCH 09, 2023

Akuvox E11

Akuvox E11 contains improper authentication, use of hard-coded credentials, hidden functionality vulnerabilities and more that can cause loss of sensitive information, unauthorized access and grant full administrative control to an attacker.


Sources: CISA, Akuvox

B&R Systems Diagnostics Manager

B&R Systems Diagnostics Manager contains a cross-site scripting vulnerability that can allow an attacker to execute arbitrary code to exfiltrate data and perform any action within the user's browser session.


Sources: CISA, B&R

ABB Ability Symphony Plus

ABB Ability Symphony Plus contains an improper authentication vulnerability that could allow an unauthorized client to connect to the S+ Operations servers.


Sources: CISA, ABB

STEPTools Ifcmesh Library

STEPTools Ifcmesh Library contains a null pointer dereference vulnerability that could allow an attacker to deny application usage when reading a specially constructed file.

Sources: CISA, StepTools

Hitachi Energy Relion 670, 650 and SAM600-IO Series

Hitachi Energy Relion 670, 650 and SAM600-IO Series contains an insufficient verification of data authenticity vulnerability that could cause the Intelligent Electronic Device (IED) to restart, causing a temporary denial-of-service condition.


Sources: CISA, Hitachi Energy

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES