Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of March 3 - 9. Sign up to get these updates right to your inbox!

MARCH 07, 2024

Chirp Systems Chirp Access

Chirp Systems Chirp Access contains a use of hard-coded credentials vulnerability that can allow an attacker to take control and gain unrestricted physical access to systems using the affected product.


Sources: CISA, Chirp Systems

Nice Linear eMerge E3-Series

Nice Linear eMerge E3-Series contains path traversal, cross-site scripting, OS command injection and more vulnerabilities that can allow a remote attacker to gain full system access.


Sources: CISA, Nice/Nortek

MARCH 06, 2024

Apple iOS, iPadOS, macOS, tvOS and watchOS RTKit

Apple iOS, iPadOS, macOS, tvOS and watchOS RTKit contain a memory corruption vulnerability that allows an attacker with arbitrary kernel read and write capability to bypass kernel memory protections.

Sources: CISA, NIST

JetBrains TeamCity

JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.

Sources: CISA, NIST

MARCH 05, 2024

Santesoft Sante FFT Imaging

Santesoft Sante FFT Imaging contains an out-of-bounds write vulnerability that can allow a local attacker to execute arbitrary code once a user opens a malicious DCM file on affected FFT Imaging installations.


Sources: CISA, Santesoft

Integration Objects OPC UA Server Toolkit (Update A)

Integration Objects OPC UA Server Toolkit (Update A) contains an improper output neutralization for logs vulnerability that can allow a remote attacker to add content to the log file.


Sources: CISA, Integration Objects

Sunhillo SureLine

Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in/cgi/networkDiag.cgi.

Sources: CISA, NIST

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES