#web

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC Vulnerability: Observable Discrepancy 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to identify valid usernames. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports the following SIMATIC products are affected: Siemens SIMATIC S7-1200 CPU 1217C DC/DC/DC (6ES7217-1AG40-0XB0): vers:all/<V4.7 Siemens SIMATIC S7-1500 CPU 1513R-1 PN (6ES7513-1RM03-0AB0): vers:all/>=V3.1.0|<V3.1.2 Siemens SIMATIC S7-1500 CPU 1513pro-2 PN (6ES7513-2PM03-0AB0): vers:all/>=V3.1.0|<V3.1.2 Siemens SIPLUS...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Outback Power Equipment: Mojave Inverter Vulnerabilities: Use of GET Request Method With Sensitive Query Strings, Exposure of Sensitive Information to an Unauthorized Actor, Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data or inject commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Outback Power Mojave Inverter, a system for managing power in a residential grid-connected battery backup system, are affected: Outback Power Mojave Inverter: All versions 3.2 VU;NERABILITY OVERVIEW 3.2.1 Use of GET Request Method With Sensitive Query Strings CWE-598 The Mojave Inverter uses the GET method for sensitive information. CVE-2025-26473 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Siemens Equipment: OpenV2G Vulnerability: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to trigger memory corruption. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Siemens reports that the following products are affected: Siemens OpenV2G: All versions prior to V0.9.6 3.2 VULNERABILITY OVERVIEW 3.2.1 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120 The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker ...

An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to version 2.4.0, which fixes the issue.

Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms.

### Impact Chains using affected versions of Packet Forward Middleware in their IBC Transfer stack are vulnerable to an attack in which there is a potential denial of service. This affects IBC transfers for any asset which is being transferred between another chain and its native chain. We recommend upgrading as soon as possible. __THIS IS A STATE BREAKING CHANGE__ ### Patches Versions [7.2.1](https://github.com/cosmos/ibc-apps/releases/tag/middleware%2Fpacket-forward-middleware%2Fv7.2.1) and [8.1.1](https://github.com/cosmos/ibc-apps/releases/tag/middleware%2Fpacket-forward-middleware%2Fv8.1.1) are patched. ### Workarounds N/A ### References N/A

### Impact _What kind of vulnerability is it? Who is impacted?_ Remote code execution is possible in web-accessible installations of hypercube. ### Patches _Has the problem been patched? What versions should users upgrade to?_ Not yet, though no patch is neccessary if your installation of the microservices is behind a firewall. See below. ### Workarounds _Is there a way for users to fix or remediate the vulnerability without upgrading?_ The exploit requires making a request against Hypercube's endpoints; therefore, the ability to make use of the exploit is much reduced if the microservice is not directly accessible from the Internet, so: Prevent general access from the Internet from hitting Hypercube. Furthermore, if you've used any of the official installation methods, your Crayfish will be behind a firewall and there is no work neccessary. The webserver might be made to validate the structure of headers passed, but that would only be neccessary if you publicly exposed the en...

Sponsored by accessiBe

### Summary Koa uses an evil regex to parse the `X-Forwarded-Proto` and `X-Forwarded-Host` HTTP headers. This can be exploited to carry out a Denial-of-Service attack. ### PoC Coming soon. ### Impact This is a Regex Denial-of-Service attack and causes memory exhaustion. The regex should be improved and empty values should not be allowed.

Cybersecurity is a must as online threats rise. Businesses must train employees, back up data, and adopt strong…