#ICSVulnerabilities

ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA

September 11, 2024 by Xynik

September 11, 2024 at 05:15AM The September 2024 Patch Tuesday saw security advisories from Siemens, Schneider Electric, and ABB, addressing critical vulnerabilities in their products, including authentication bypass, remote code execution, and privilege escalation issues. CISA also issued advisories for various ICS vulnerabilities, emphasizing the importance of implementing available mitigations and workarounds. Based on the … Read more

CISA Flags ICS Bugs in Baxter, Mitsubishi Products

September 6, 2024 by Xynik

September 6, 2024 at 04:11PM CISA warned about vulnerabilities in healthcare and manufacturing industries’ industrial control systems. Baxter’s Connex Health Portal had severe vulnerabilities, including unauthorized access and SQL injection, and Mitsubishi Electric’s MELSEC had denial-of-service vulnerabilities. CISA advised organizations to update their systems and minimize network exposure due to the increasing cyber threats facing … Read more

Prevalence and Impact of Password Exposure Vulnerabilities in ICS/OT

June 14, 2024 by Xynik

June 14, 2024 at 03:00AM Password exposure vulnerabilities in industrial control systems and operational technology pose significant risks. Hackers have targeted ICS systems using weak and default passwords, with examples including the Iranian government’s hijacking of systems at a water authority in Pennsylvania. To address these issues, experts recommend strong password management practices, encryption, and … Read more

ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA

June 12, 2024 by Xynik

June 12, 2024 at 05:06AM The June 2024 Patch Tuesday brought advisories from Siemens, Aveva, Schneider Electric, and the US cybersecurity agency CISA. Siemens published 14 new advisories addressing over 120 vulnerabilities, including critical authentication bypass and code execution flaws. Aveva released advisories for high-severity local and remote code execution vulnerabilities. Schneider Electric disclosed 11 … Read more

Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers

March 4, 2024 by Xynik

March 4, 2024 at 07:18AM A team of Georgia Tech researchers developed web-based PLC malware, IronSpider, targeting modern PLCs such as Wago, Siemens, and others. This malware exploits web APIs, can persist through updates and hardware replacements, and has potential for real-time data exfiltration and destruction of industrial processes. The researchers also proposed a vendor-agnostic … Read more