Security CERT Global
- CERTFR-2024-AVI-0353 : Multiples vulnérabilités dans le noyau Linux de Red Hat (26 avril 2024)
- CERTFR-2024-AVI-0349 : [SCADA] Vulnérabilité dans les produits Belden (26 avril 2024)
- CERTFR-2024-AVI-0350 : Multiples vulnérabilités dans les produits IBM (26 avril 2024)
- CERTFR-2024-AVI-0352 : Multiples vulnérabilités dans le noyau Linux d’Ubuntu (26 avril 2024)
- CERTFR-2024-AVI-0351 : Multiples vulnérabilités dans le noyau Linux de SUSE (26 avril 2024)
- NIS2 – Richtlinie: Ein zweiter Blick auf den Text
- Ny chef for DKCERT udpeget
- CERT-SE:s veckobrev v.17
- JVN: Chirp Systems製スマートフォンアプリ「Chirp Access」におけるハードコードされたパスワードの使用の脆弱性
- JVN: 複数のHoneywell製品における複数の脆弱性
- JVN: Hitachi Energy製RTU500シリーズおよびMACH SCMにおける複数の脆弱性
- ALERT Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services: CVSS (Max): 8.6
- OpenShift Virtualization 4.14.5 Images: CVSS (Max): 7.5
- unbound: CVSS (Max): 7.5
- buildah: CVSS (Max): 8.6
- yajl: CVSS (Max): 6.5
- buildah: CVSS (Max): 8.6
- Service Telemetry Framework 1.5.4: CVSS (Max): 7.5
- FreeRDP: CVSS (Max): 7.5
- Zabbix: CVSS (Max): 5.4
- Honeywell Products: CVSS (Max): 8.1
- Hitachi Energy MACH SCM: CVSS (Max): 7.5
- nghttp2: CVSS (Max): 7.5
- UPDATE Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
- Hitachi Energy RTU500 series: CVSS (Max): 8.2
- MozillaThunderbird: CVSS (Max): 7.5
- Siemens RUGGEDCOM APE1808 Devices: CVSS (Max): 10.0
- buildah: CVSS (Max): 8.6
- putty: CVSS (Max): 8.1
- CryptoJS: CVSS (Max): 9.1
- SUSE Manager Client Tools: CVSS (Max): 5.4
- cockpit-wicked: CVSS (Max): 5.3
- ALERT Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
- UPDATE ALERT Cisco Adaptive Security Appliance and Firepower Threat Defense Software Web Services: CVSS (Max): 8.6
- tigervnc: CVSS (Max): 7.8
- Linux Kernel (Live Patch 19 for SLE 15 SP4): CVSS (Max): 7.8
- cockpit-wicked: CVSS (Max): 5.3
- Linux Kernel (Live Patch 23 for SLE 15 SP4): CVSS (Max): 7.8
- tigervnc: CVSS (Max): 7.8
- Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0
- FreeRDP: CVSS (Max): 9.8
- tigervnc: CVSS (Max): 7.8
- SUSE Manager Client Tools and Salt: CVSS (Max): 8.5
- tigervnc: CVSS (Max): 7.8
- libreswan: CVSS (Max): 5.0
- IBM WebSphere Application Server and IBM WebSphere Application Server Liberty: CVSS (Max): 5.9
- python-idna: CVSS (Max): 6.5
- Cortex XDR: CVSS (Max): None
- nrpe: CVSS (Max): None
- tigervnc: CVSS (Max): 7.8
SEC Vulnerabilities: Analysis of Exploitable Vulnerability Sequences in Industrial Networked Systems: A Proof of Concepts
Software vulnerabilities can affect the security of any computer and industrial networked systems are no exception. Information about known vulnerabilities and possible countermeasures is being collected and published since several years, however the methodical introduction of changes and/or software patches in many industrial networks is not always possible, so that some known flaws can be left untreated as they are not considered harmful in principle.
http://ewic.bcs.org/upload/pdf/ewic_icscsr2015_paper7.pdf
Tags: Automation,CyberSecurity,ICS,ICS Vulnerabilities,IIot,Industrial Networked Systems,Infrastructure,SCADA,Vulnerability Sequences,