
Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of December 11 - 17. Sign up to get these updates right to your inbox!

DECEMBER 16, 2022

Multiple versions of Samba

Multiple versions of Samba contain vulnerabilities that could allow an attacker to take control of affected systems.

Sources: Samba Security Update, Samba Security Update 2, Samba Security Update 3, Samba Security Update 4, CISA

Joint CSA Food and Beverage sector

The FBI, the Food and Drug Administration Office of Criminal Investigations and the U.S. Department of Agriculture released a CSA titled "Criminal Actors Use Business Email Compromise to Steal Large Shipments of Food Products and Ingredients."

Sources: Joint CSA, CISA

DECEMBER 15, 2022

Drupal H5P and the File Paths modules

Drupal released security updates for vulnerabilities that could allow an attacker to access sensitive information and remotely execute code.

Sources: Drupal Security Advisory, CISA

Siemens 40 ICS advisories

CISA released ICS advisories for 40 Siemens products.

Sources: Siemens Support, CISA

Prosys OPC UA Simulation Server

Prosys OPC UA Simulation Server contains an insufficiently protected credentials vulnerability that could lead to an attacker gaining credentials and access to system data.

Sources: Prosys Update, CISA

DECEMBER 13, 2022

VMware ESXi, Workstation, Fusion and vRealize Network Insight

VMware ESXi, Workstation, Fusion and vRealize Network Insight contain vulnerabilities that could lead to an attacker gaining control of affected systems.

Sources: VMware vRealize Network Insight Security Advisory, VMware ESXi, Workstation and Fusion Security Advisory, CISA

Multiple Apple products

Apple released security updates for multiple products to address vulnerabilities that could lead to an attacker gaining control of affected systems.

Sources: Apple Security Updates, CISA

Microsoft December security updates

Microsoft released security updates to address vulnerabilities in Microsoft software that could lead to an attacker gaining control of affected systems.

Sources: Microsoft Security Updates, CISA, Deployment Information

Mozilla Thunderbird and Firefox

Mozilla released security updates for Thunderbird, Firefox ESR and Firefox to address vulnerabilities that could lead to an attacker gaining control of affected systems.

Sources: Thunderbird, Firefox ESR, Firefox, CISA

ICONICS and Mitsubishi Electric Product Suite

ICONICS and Mitsubishi Electric Product Suite including GENESIS64, Hyper Historian, AnalytiX and MobileHMI contain a path traversal vulnerability that could lead to an attacker writing arbitrary files.

Sources: ICONICS Suite Security Patches, CISA

Schneider Electric APC Easy UPS Online

Schneider Electric APC Easy UPS Online contains missing authentication for critical function, unrestricted upload of file with dangerous type, incorrect permission assignment for critical resource and use of hard-coded credentials vulnerabilities that could lead to remote code execution, unauthenticated password changes and escalation of privileges.

Sources: Schneider Electric Security Advisory, CISA

Contec CONPROSYS HMI System

Contec CONPROSYS HMI System contains an OS command injection vulnerability that a remote attacker could exploit by sending specially crafted requests.

Sources: Contec Update, CISA

Citrix ADC and Citrix Gateway

Citrix ADC and Citrix Gateway contain a vulnerability that could lead to an attacker gaining control of affected systems.

Sources: Citrix Security Advisory, Citrix Blog, CISA

DECEMBER 12, 2022

Fortinet FortiOS

Fortinet FortiOS contains a heap-based buffer overflow vulnerability that could lead to an attacker gaining control of affected systems. This vulnerability has been exploited in the wild.

Sources: Fortinet Security Advisory, CISA
