Latest News
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Desigo CC Product Family and SENTRON Powermanager Vulnerability: Least Privilege Violation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow privilege escalation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Desigo CC family V5.0: All versions Desigo CC family V5.1: All versions Desigo CC family V6: All versions Desigo CC family V7: All versions Desigo CC family V8: All versions SENTRON Powermanager V5: All versions SENTRON Powermanager V6: All versions SENTRON Powermanager V7: All versions SEN...
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.7 ATTENTION: Exploitable remotely Vendor: Siemens Equipment: Mendix SAML Module Vulnerability: Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated remote attackers to hijack an account in specific SSO configurations. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens Mendix SAML (Mendix 9.24 compatible): Versions prior to V3.6.21 Siemens Mendix SAML (Mendix 10.12 compatible): Versions prior to V4.0.3 Siemens Mendix SAML (Mendix 10.21 compatible): Versions prior to V4.1.2 3.2 VULNERABILITY OV...
The UK’s South Yorkshire Police lost 96,000 bodycam videos in a data transfer mishap, impacting 126 cases. Poor…
The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include a backdoor that would have enabled access to the protected data of U.S. citizens. U.S. Director of National Intelligence (DNI) Tulsi Gabbard, in a statement posted on X, said the U.S. government had been working with its partners with the U.K. over the past few months to ensure that
After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth: tools and technologies alone are not enough to mitigate cyber risk. As tech stacks have grown more sophisticated and capable, attackers have shifted their focus. They are no longer focusing on infrastructure vulnerabilities alone. Instead, they are increasingly
Ransomware attackers continue to primarily target small and medium-sized manufacturing businesses in Japan.
Get an inside look at how JJ Cummings helped build and lead one of Cisco Talos’ most impactful security teams, and discover what drives him to stay at the forefront of threat intelligence.
The maintainers of the Python Package Index (PyPI) repository have announced that the package manager now checks for expired domains to prevent supply chain attacks. "These changes improve PyPI's overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts," Mike Fiedler, PyPI safety and security engineer at the Python
Fake Gmail security alerts are tricking users into inadvertently handing over control of their accounts to scammers. Here's what to look for.
### Summary A stored Cross-Site Scripting (XSS) vulnerability exists in LibreNMS (<= 25.6.0) in the Alert Template creation feature. This allows a user with the **admin role** to inject malicious JavaScript, which will be executed when the template is rendered, potentially compromising other admin accounts. --- ### Details In the LibreNMS web UI, when a user with the **admin role** visits `/templates` and clicks **"Create new alert template"**, the **"Template name"** field fails to properly sanitize input. By inserting a payload like: ``` <script>alert(document.cookie)</script> ``` and filling the other fields with arbitrary content (e.g., `test`), once the template is saved, the script is executed. This confirms that user input is stored and later rendered without proper output encoding. This vulnerability can be exploited for session hijacking, data theft, or other malicious actions targeting other admin users. --- ### PoC 1. Log in to LibreNMS using an account with t...