Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of September 3 - 9. Sign up to get these updates right to your inbox!

SEPTEMBER 07, 2023

Fujitsu Limited Real-time Video Transmission Gear “IP series”

Fujitsu Limited Real-time Video Transmission Gear "IP series" contains a use of hard-coded credentials vulnerability that can result in an attacker logging into the web interface using the obtained credentials.


Sources: CISA, Fujitsu Limited

Softneta MedDream PACS

Softneta MedDream PACS contains exposed dangerous method or function and plaintext storage of a password vulnerabilities that can allow an attacker to obtain and leak plaintext credentials or remotely execute arbitrary code.


Sources: CISA, Softneta

SEPTEMBER 06, 2023

Apache Rocket MQ

Apache Rocket MQ contains a command execution vulnerability that can result in remote execution.

Sources: CISA, NIST

SEPTEMBER 05, 2023

Dover Fueling Solutions MAGLINK LX Console contains authentication bypass using an alternate path or channel, improper access control and path traversal vulnerabilities that can allow an attacker to gain full access to the system.


Sources: CISA, Dover

Phoenix Contact TC ROUTER and TC CLOUD CLIENT

Phoenix Contact TC ROUTER and TC CLOUD CLIENT contain cross-site scripting and XML entity expansion vulnerabilities that can execute code in the context of the user's browser or cause a denial of service.


Sources: CISA, Phoenix Contact

Socomec MOD3GP-SY-120K

Socomec MOD3GP-SY-120K contains cross-site scripting, cross-site request forgery, insecure storage of sensitive information and more vulnerabilities that can allow an attacker to execute malicious Javascript code, obtain sensitive information or steal session cookies.


Sources: CISA, Socomec

Delta Electronics CNCSoft-B DOPSoft (Update)

Delta Electronics CNCSoft-B DOPSoft (Update) contains stack-based buffer overflow and heap-based buffer overflow vulnerabilities that can allow an attacker to exploit a buffer overflow condition and remotely execute arbitrary code.


Sources: CISA, Delta Electronics

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES