Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of December 25 - 31. Sign up to get these updates right to your inbox!

DECEMBER 29, 2022

TIBCO JasperReports Server

TIBCO JasperReports Server contains an information disclosure vulnerability that may allow any authenticated user read-only access to the contents of the web application, including key configuration files.

Sources: CISA, NIST

TIBCO JasperReports Library

TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.

Sources: CISA, TIBCO

DECEMBER 27, 2022

Rockwell Automation Studio 5000 Logix Emulate software

Rockwell Automation Studio 5000 Logix Emulate software contains an elevated permissions vulnerability that can allow an unauthorized user to remotely execute code on the targeted software.

Sources: CVE, Rockwell Automation

DECEMBER 26, 2022

Citrix ADC and Citrix GatewayCitrix products

Citrix ADC and Citrix Gateway contain an authentication vulnerability that can allow unauthorized users access to information when there is a configured SSL VPN endpoint.

Sources: CVE, Citrix

Emerson DeltaV Distributed Control System

Emerson DeltaV Distributed Control System contains an insufficient verification of firmware integrity vulnerability that can lead to unauthorized user access.

Sources: CVE, Emerson




Keep your finger on the pulse of top industry news