As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security…
The U.S. government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign. Specifically, we have identified that PRC-affiliated actors have compromised networks at…
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRO600 Series Vulnerabilities: Command Injection, Improper Removal of Sensitive Information Before Storage or Transfer 2. RISK EVALUATION Command…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Bosch Rexroth Equipment: IndraDrive Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low Attack Complexity Vendor: Beckhoff Automation Equipment: TwinCAT Package Manager Vulnerability: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) 2. RISK…
In November CISA asks all Americans to “Resolve to be Resilient” WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced the kickoff of Critical Infrastructure Security and Resilience (CISR) Month. The safety and security…
WASHINGTON – Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly issued the following statement today on the security of the 2024 elections: Over the past several weeks, citizens across our country came together to…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Election Assistance Commission (EAC) issued the following statement today. “Tens of millions of Americans will cast their ballot tomorrow as we elect the…