Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of October 16 - 22. Sign up to get these updates right to your inbox!

OCTOBER 21, 2022

Cisco Identity Services Engine

Cisco released security updates for Cisco Identity Services Engine (ISE) due to vulnerabilities found that could lead to an attacker gaining control of affected systems.

Sources: Cisco Advisories, CISA

OCTOBER 20, 2022

Bentley Systems MicroStation Connect

Bentley Systems MicroStation Connect contains stack-based buffer overflow and out-of-bounds read vulnerabilities that could lead to the device crashing or allow remote arbitrary code execution.

Sources: Bentley Support, CISA

B. Braun Infusomat Space Large Volume Pump

B. Braun Infusomat Space Large Volume Pump contains unrestricted upload of file with dangerous type, cleartext transmission of sensitive information, missing authentication for critical function, insufficient verification of data authenticity and improper input validation vulnerabilities.

Sources: B. Braun Advisory, CISA

B. Braun SpaceCom, Battery Pack SP with Wi-Fi and Data module compactplus

B. Braun SpaceCom, Battery Pack SP with Wi-Fi and Data module compactplus contains cross-site scripting, open redirect, XPath injection, session fixation, use of a one-way hash without a salt, relative path traversal, improper verification of cryptographic signature, improper privilege management, use of hard-coded credentials, and active debug code and improper access control vulnerabilities.

Sources: B. Braun Advisory, CISA

Mozilla Firefox

Mozilla released updates due to vulnerabilities found in Firefox ESR and Firefox that could lead to a denial-of-service condition.

Sources: Firefox ESR, Firefox, CISA

OCTOBER 19, 2022

Oracle Patch Update

Oracle released its critical patch update for October that addresses 366 vulnerabilities that could lead to an attacker gaining control of affected systems.

Sources: Oracle Patch Update, CISA

OCTOBER 18, 2022

Advantech R-SeeNet

Advantech R-SeeNet contains path traversal and stack-based buffer overflow vulnerabilities that could lead to an attacker remotely deleting files or remote code execution.

Sources: CISA

Hitachi Energy Transformer Asset Performance Management (APM) Edge

Hitachi Energy Transformer Asset Performance Management (APM) Edge contains a reliance on uncontrolled component vulnerability that could lead to the product becoming inaccessible.


Sources: Hitachi Energy Advisory, CISA

Advantech R-SeeNet part 2

Advantech R-SeeNet contains path traversal and stack-based overflow vulnerabilities that could lead to an attacker remotely deleting files or remote code execution.

Sources: CISA

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES