Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of August 27 - September 2. Sign up to get these updates right to your inbox!

AUGUST 31, 2023

ARDEREG Sistemas SCADA

ARDEREG Sistemas SCADA contains an SQL Injection vulnerability that can allow an attacker to manipulate SQL query logic to extract sensitive information and perform unauthorized actions within the database.


Sources: CISA, NIST

​GE Digital CIMPLICITY

​GE Digital CIMPLICITY contains a process control vulnerability that can allow a low-privileged local attacker to escalate privileges to SYSTEM.


Sources: CISA, GE Digital

PTC Kepware KepServerEX

PTC Kepware KepServerEX contains uncontrolled search path element, improper input validation and insufficiently protected credentials vulnerabilities that can allow an attacker to gain elevated privileges, execute arbitrary code, and obtain server hashes and credentials.


Sources: CISA, PTC

Digi RealPort Protocol

Digi RealPort Protocol contains a use of password hash instead of password for authentication vulnerability that can allow the attacker to access connected equipment.


Sources: CISA, Digi

AUGUST 30, 2023

Juniper Networks Junos OS

Juniper Networks Junos OS contains a remote execution vulnerability that can lead to a denial-of-service condition.

Sources: CISA, Juniper

AUGUST 29, 2023

PTC Codebeamer

PTC Codebeamer contains a cross site scripting vulnerability that can allow an attacker to inject arbitrary JavaScript code, which could be executed in the victim's browser upon clicking on a malicious link.


Sources: CISA, PTC

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES