Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of October 1 - 7. Sign up to get these updates right to your inbox!

OCTOBER 05, 2023

Hitachi Energy AFS65x, AFF66x, AFS67x and AFR67x Series Products

Hitachi Energy AFS65x, AFF66x, AFS67x and AFR67x Series Products contain incorrect calculation, integer overflow or wraparound, improper encoding or escaping of output vulnerabilities that can have a high impact on availability, integrity and confidentiality of the targeted devices.


Sources: CISA, Hitachi Energy

Qognify NiceVision

Qognify NiceVision contains a use of hard-coded credentials vulnerability that can allow an attacker to retrieve sensitive information about the cameras managed by the platform and its users.


Sources: CISA, Qognify

Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch contains observable timing discrepancy and double free vulnerabilities that can result in disclosure of information stored in the product by sending specially crafted packets or could cause a denial-of service (DoS) condition by getting a legitimate user to import a specially crafted certificate.


Sources: CISA, Mitsubishi Electric

Progress WS_FTP Server

Progress WS_FTP Server contains a deserialization of untrusted data vulnerability that can allow an authenticated attacker to execute remote commands on the underlying operating system.

Sources: CISA, NIST

Atlassian Confluence Data Center

Atlassian Confluence Data Center and Server contains a privilege escalation vulnerability that could allow an attacker to create unauthorized Confluence administrator accounts and access Confluence.

Sources: CISA, NIST

OCTOBER 04, 2023

JetBrains TeamCity

JetBrains TeamCity contains an authentication bypass vulnerability that allows for remote code execution on TeamCity servers.

Sources: CISA, NIST

OCTOBER 03, 2023

Arm Mali GPU

Arm Mali GPU contains a kernel driver use-after-free vulnerability that can allow a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.

Sources: CISA, NIST

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES