CISA

Hitron Systems Security Camera DVR

by CISA
January 30, 2024
Security News, Assessments & Alerts
4 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: Hitron Systems Equipment: DVR Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities…

SystemK NVR 504/508/516 | CISA

by CISA
January 25, 2024
Security News, Assessments & Alerts
3 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: SystemK Equipment: NVR 504/508/516 Vulnerability: Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an…

Opteev MachineSense FeverWarn | CISA

by CISA
January 25, 2024
Security News, Assessments & Alerts
4 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: MachineSense LLC. Equipment: MachineSense FeverWarn Vulnerabilities: Missing Authentication for Critical Function, Use of Hard-coded Credentials, Improper Access Control, OS Command Injection, Improper…

Lantronix XPort | CISA

by CISA
January 23, 2024
Security News, Assessments & Alerts
3 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.7 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: XPort Vulnerability: Weak Encoding for Password 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain…

APsystems Energy Communication Unit (ECU-C) Power Control Software

by CISA
January 23, 2024
Security News, Assessments & Alerts
3 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable via adjacent network / low attack complexity Vendor: APsystems Equipment: Energy communication Unit (ECU-C) Power Control Software Vulnerability: Improper Access Control 2. RISK EVALUATION Successful…

Westermo Lynx 206-F2G | CISA

by CISA
January 23, 2024
Security News, Assessments & Alerts
5 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Westermo Equipment: Lynx 206-F2G Vulnerabilities: Cross-site Scripting, Code Injection, Cross-Origin Resource Sharing, Cleartext Transmission of Sensitive Information, Cross-Site Request Forgery 2.…

Crestron AM-300 | CISA

by CISA
January 23, 2024
Security News, Assessments & Alerts
3 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Crestron Equipment: AM-300 Vulnerability: OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their…

Voltronic Power ViewPower Pro | CISA

by CISA
January 23, 2024
Security News, Assessments & Alerts
3 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Voltronic Power Equipment: ViewPower Pro Vulnerabilities: Deserialization of Untrusted Data, Missing Authentication for Critical Function, Exposed Dangerous Method or Function, OS Command Injection 2. RISK EVALUATION…

by CISA
January 19, 2024
Security News, Assessments & Alerts
2 min read

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 24-01 in response to observed widespread and active exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure appliances by malicious cyber threat…

by CISA
January 18, 2024
Security News, Assessments & Alerts
4 min read

With WWS Sector contributions, guide provides recommended actions and available resources throughout cyber incident response lifecycle WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Environmental Protection Agency (EPA) published a guide today…

« Previous
1
…
30
31
32
33
34
Next »