Widely used modems in industrial IoT devices open to SMS attack

May 11, 2024 at 09:14AM Security flaws in Telit Cinterion cellular modems, reported by Kaspersky, allow remote attackers to execute arbitrary code via SMS. The most severe vulnerability, CVE-2023-47610, has a severity score of 9.8 and could allow attackers to take control of vulnerable devices without authentication. Telit has patched some vulnerabilities, but others remain. … Read more

Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit

October 16, 2023 at 04:52PM Cisco has disclosed a critical zero-day vulnerability in the Web User Interface of its IOS XE operating system. The flaw, assigned as CVE-2023-20198, affects all Cisco IOS XE devices with the Web UI feature enabled and allows attackers to create an account with complete device control. Cisco advises customers to … Read more