Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of June 23 - 29. Sign up to get these updates right to your inbox!

JUNE 27, 2024

TELSAT marKoni FM Transmitter

TELSAT marKoni FM Transmitter contains command injection, use of hard-coded credentials, use of client-side authentication and other vulnerabilities that can allow an attacker to tamper with the product to bypass authentication or perform remote code execution.


Sources: CISA, Markoni

SDG Technologies PnPSCADA

SDG Technologies PnPSCADA contains a missing authorization vulnerability that can allow an attacker to attach various entities without requiring system authentication.


Sources: CISA, SDG Technologies

Yokogawa FAST/TOOLS and CI Server

Yokogawa FAST/TOOLS and CI Server contain cross-site scripting and empty password in configuration file vulnerabilities that can allow an attacker to launch a malicious script and take control of affected products.


Sources: CISA, Yokohama

Johnson Controls Illustra Essentials Gen 4

Johnson Controls Illustra Essentials Gen 4 contains an improper input validation vulnerability that can allow an attacker to inject commands.


Sources: CISA, Johnson Controls

JUNE 25, 2024

ABB Ability System 800xA

ABB Ability System 800xA contains an improper input validation vulnerability that can cause services to crash and restart.


Sources: CISA, ABB

PTC Creo Elements/Direct License Server

PTC Creo Elements/Direct License Server contains a missing authorization vulnerability that can allow unauthenticated remote attackers to execute arbitrary OS commands.


Sources: CISA, PTC

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES