Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of April 23 - 29. Sign up to get these updates right to your inbox!

APRIL 28, 2023

BM Maximo Asset Management

BM Maximo Asset Management contains an HTML injection vulnerability that could allow a remote attacker to inject malicious HTML code and disrupt a system or device.

Sources: CVE, IBM

APRIL 27, 2023

Illumina Universal Copy Service

Illumina Universal Copy Service contains binding to an unrestricted IP address and execution with unnecessary privileges vulnerabilities that can allow an attacker to take any action at the operating system level.


Sources: CISA, Illumina

mySCADA myPRO

mySCADA myPRO contains a command injection vulnerability that could allow a threat actor to exploit and inject arbitrary operating system commands.

Sources: CVE, CISA

IBM AIX 7.1, 7.2, 7.3

IBM AIX 7.1, 7.2 and 7.3 contain a command execution vulnerability that could lead to a nonprivileged local user executing arbitrary commands.

Sources: CVE, IBM

APRIL 25, 2023

Keysight N8844A Data Analytics Web Service

Keysight N8844A Data Analytics Web Service contains a deserialization of untrusted data vulnerability that could lead to remote code execution.


Sources: CISA, Keysight

Scada-LTS Third Party Component

Scada-LTS Third Party Component contains a cross-site scripting vulnerability that can allow loss of sensitive information and execution of arbitrary code.


Sources: CISA, Scada-LTS

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES