Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of November 19 - 25. Sign up to get these updates right to your inbox!

NOVEMBER 21, 2023

WAGO PFC200 Series

WAGO PFC200 Series contains an externally controlled reference to a resource in another sphere vulnerability that can allow an attacker with administrative privileges to access sensitive files in an unintended, undocumented way.


Sources: CISA, WAGO

Fuji Electric Tellus Lite V-Simulator

Fuji Electric Tellus Lite V-Simulator contains stack-based buffer overflow, out-of-bounds write and improper access control vulnerabilities that can crash the device being accessed, allow remote code execution or overwrite files.


Sources: CISA, Fuji Electric

Mitsubishi Electric CNC Series (Update C)

Mitsubishi Electric CNC Series (Update C) contains a classic buffer overflow vulnerability that can allow a malicious remote attacker to cause a denial-of-service condition and execute malicious code on the product by sending specially crafted packets.


Sources: CISA, Mitsubishi Electric

Keysight N8844A Data Analytics Web Service (Update A)

Keysight N8844A Data Analytics Web Service (Update A) contains a deserialization of untrusted data vulnerability that can lead to remote code execution.


Sources: CISA, Keysight

Rockwell Automation Stratix 5800 and Stratix 5200 (Update A)

Rockwell Automation Stratix 5800 and Stratix 5200 (Update A) contain unprotected alternate channel and OS command injection vulnerabilities that can allow an unauthenticated attacker to take control of the affected system.


Sources: CISA, Rockwell Automation

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES