#web

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Siemens Equipment: SiPass integrated Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Cross-site Scripting, Authorization Bypass Through User-Controlled Key, Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to gain unauthorized access to user accounts, manipulate data, impersonate users, or execute arbitrary code on the SiPass integrated server. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: SiP...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MACH GWS Vulnerabilities: Incorrect Default Permissions, Improper Validation of Integrity Check Value, Improper Certificate Validation 2. RISK EVALUATION Exploiting these vulnerabilities could allow an attacker to tamper with system files, cause a denial of service, or perform a remote man-in-the-middle attack. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of MACH GWS affected: MACH GWS: Versions 3.0.0.0 to 3.4.0.0 3.2 VULNERABILITY OVERVIEW 3.2.1 INCORRECT DEFAULT PERMISSIONS CWE-276 A vulnerability exists in MACH GWS product, which if exploited, could allow a local unauthenticated attacker to tamper a system file resulting in a denial of notify service. CVE-2025-39201 has been assigned to this vulnerability. A CVSS v3.1 base score of 6.1 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H). A CVSS v4 sco...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: HyperLynx and Industrial Edge App Publisher Vulnerability: Access of Resource Using Incompatible Type ('Type Confusion') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to perform arbitrary code execution via a crafted HTML page. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens HyperLynx: vers:all/* Siemens Industrial Edge App Publisher: vers:intdot/<1.23.5 3.2 VULNERABILITY OVERVIEW 3.2.1 ACCESS OF RESOURCE USING INCOMPATIBLE TYPE ('TYPE CONFUSION')...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Low Attack Complexity Vendor: Siemens Equipment: Solid Edge Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to crash the application or execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens Solid Edge SE2024: All versions < V224.0 Update 14 Siemens Solid Edge SE2025: All versions < V225.0 Update 6 3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS WRITE CWE-787 The affected applications contain an out of bounds write vulnerability while parsing specia...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk ViewPoint Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthenticated attackers to achieve XML external entity injection, resulting in a temporary denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following versions of PanelView Plus (which interacts with FactoryTalk ViewPoint) are affected by this vulnerability: PanelView Plus 7 Terminal: Version 14 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 Improper Restriction of XML External Entity Reference CWE-611 A security issue was discovered within FactoryTalk ViewPoint, allowing unauthenticated attackers to achieve XML external entity injection. Certain SOAP requests can be abused resulting in a temporary denial-of-service. CVE-2025-9066 has b...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ArmorStart AOP Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition on the affected product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Rockwell Automation products are affected: ArmorStart AOP: Version V2.05.07 and prior 3.2 VULNERABILITY OVERVIEW 3.2.1 Uncaught Exception CWE-248 A security issue exists within the Studio 5000 Logix Designer add-on profile (AOP) for the ArmorStart Classic distributed motor controller, resulting in a denial-of-service. This vulnerability is possible due to the input of invalid values into Component Object Model (COM) methods. CVE-2025-9437 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). A CVS...

The fashion retailer says a breach at a marketing partner exposed limited contact details—but no financial data or passwords.

Cisco Talos has uncovered a new attack linked to Famous Chollima, a threat group aligned with North Korea (DPRK).

Mattermost versions 10.10.x <= 10.10.2, 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to validate email ownership during Slack import process which allows attackers to create verified user accounts with arbitrary email domains via malicious Slack import data to bypass email-based team access restrictions.

Mattermost versions 10.5.x <= 10.5.10, 10.11.x <= 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets.