Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of May 28 - June 3. Sign up to get these updates right to your inbox!

JUNE 01, 2023

Advantech WebAccess/SCADA

In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability that could allow an attacker to overwrite any file in the operating system (including system files), inject code into an XLS file and modify the file extension, which could lead to arbitrary code execution.

Sources: CISA

Hitachi Energy Relion 670, 650 and SAM600-IO (Update B)

Hitachi Energy Relion 670, 650 and SAM600-IO have a vulnerability that could allow an attacker to reboot the device regularly, resulting in a denial-of-service condition. The primary functionality of the device is not available during the reboot phase.

Sources: CISA, Hitachi

HID Global SAFE

HID Global SAFE has a vulnerability that could result in exposure of personal data or create a denial-of-service condition.

Sources: CISA, HID

Mitsubishi Electric FA Engineering Software (Update A)

Mitsubishi Electric FA Engineering Software contains vulnerabilities that could allow unauthorized users to gain access to the MELSEC iQ-R/F/L series CPU modules and the MELSEC iQ-R series OPC UA server module or to view and execute programs or view project files without permissions.

Sources: CISA

Delta Electronics DIAEnergie (Update A)

Delta Electronics DIAEnergie contains a vulnerability that could allow executable files to be uploaded to certain directories using hard-coded bearer authorization, thus allowing remote code execution.

Sources: CISA

Progress Software MOVEit Transfer

Progress Software MOVEit Transfer contains an SQL injection vulnerability that could allow a threat actor to take over an affected system.


Sources: CISA, Progress Software

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES