FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ ICS-CERT Alert Feed

Robot Motion Servers

By ICS-CERT Alert Document β€” August 4th 2020 at 14:10
This Alert contains a public report of a Remote Code Execution vulnerability affecting robot motion servers written in OEM exclusive programming languages running on the robot controller.
☐ β˜† βœ‡ ICS-CERT Alert Feed

SweynTooth Vulnerabilities

By ICS-CERT Alert Document β€” March 3rd 2020 at 15:20
This ALERT details vulnerabilities in SweynTooth's Bluetooth Low Energy (BLE) proof-of-concept (PoC) exploit code. This report was released without coordination with some of the affected vendors and without advance coordination with CISA. CISA has notified some of the affected vendors of the report and has asked the vendors to confirm the vulnerabilities and identify mitigations.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (Update A)

By ICS-CERT Alert Document β€” September 10th 2019 at 14:30
This updated alert is a follow-up to the original alert titled ICS-ALERT-19-225-01 Mitsubishi Electric smartRTU and INEA ME-RTU that was published August 13, 2019, on the ICS webpage on us-cert.gov. CISA is aware of a public report of a proof-of-concept (PoC) exploit code vulnerability affecting Mitsubishi Electric smartRTU devices. According to this report, there are multiple vulnerabilities that could result in remote code execution with root privileges. CISA is issuing this alert to provide early notice of the report.
☐ β˜† βœ‡ ICS-CERT Alert Feed

CAN Bus Network Implementation in Avionics

By ICS-CERT Alert Document β€” July 30th 2019 at 13:00
CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft. CISA is issuing this alert to provide early notice of the report.
☐ β˜† βœ‡ ICS-CERT Alert Feed

DICOM Standard in Medical Devices

By ICS-CERT Alert Document β€” June 11th 2019 at 16:15
NCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information. According to this report, the vulnerability is exploitable by embedding executable code into the 128 byte preamble. This report was released without coordination with NCCIC or any known vendor.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Meltdown and Spectre Vulnerabilities (Update J)

By ICS-CERT Alert Document β€” January 11th 2018 at 17:51
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
☐ β˜† βœ‡ ICS-CERT Alert Feed

WAGO PFC200

By ICS-CERT Alert Document β€” December 7th 2017 at 21:11
NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port. This report was released after attempted coordination with WAGO. NCCIC has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. NCCIC is issuing this alert to provide notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Eaton ELCSoft Vulnerabilities

By ICS-CERT Alert Document β€” August 4th 2017 at 19:11
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, identified that an attacker can leverage these vulnerabilities to execute arbitrary code in the context of the process. ICS-CERT has notified the affected vendor, who has reported that they are planning to address the vulnerabilities. No timeline has been provided. ICS-CERT is issuing this alert to provide notice of the report and to identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
☐ β˜† βœ‡ ICS-CERT Alert Feed

CAN Bus Standard Vulnerability

By ICS-CERT Alert Document β€” July 28th 2017 at 19:34
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard. According to the public report, which was coordinated with ICS-CERT prior to its public release, researchers Andrea Palanca, Eric Evenchick, Federico Maggi, and Stefano Zanero identified a vulnerability exploiting a weakness in the CAN protocol that allows an attacker to perform a denial-of-service (DoS) attack.
☐ β˜† βœ‡ ICS-CERT Alert Feed

CRASHOVERRIDE Malware

By ICS-CERT Alert Document β€” July 25th 2017 at 16:45
CRASHOVERRIDE, aka, Industroyer, is the fourth family of malware publically identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers. Additional modules include a data-wiping component and a module capable of causing a denial of service (DoS) to Siemens SIPROTEC devices.
β˜‘ β˜† βœ‡ ICS-CERT Alert Feed

Petya Malware Variant (Update C)

By ICS-CERT Alert Document β€” June 30th 2017 at 21:09
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries. ICS-CERT is releasing this alert to enhance the awareness of critical infrastructure asset owners/operators about the Petya variant and to identify product vendors that have issued recommendations to mitigate the risk associated with this malware.
β˜‘ β˜† βœ‡ ICS-CERT Alert Feed

Indicators Associated With WannaCry Ransomware (Update I)

By ICS-CERT Alert Document β€” May 15th 2017 at 23:16
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01H Indicators Associated With WannaCry Ransomware that was published May 31, 2017, on the NCCIC/ICS-CERT web site.
β˜‘ β˜† βœ‡ ICS-CERT Alert Feed

BrickerBot Permanent Denial-of-Service Attack (Update A)

By ICS-CERT Alert Document β€” April 12th 2017 at 15:02
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-102-01A BrickerBot Permanent Denial-of-Service Attack that was published April 12, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of open-source reports of β€œBrickerBot” attacks, which exploit hard-coded passwords in IoT devices in order to cause a permanent denial of service (PDoS). This family of botnets, which consists of BrickerBot.1 and BrickerBot.2, was described in a Radware Attack Report.
β˜‘ β˜† βœ‡ ICS-CERT Alert Feed

Miele Professional PG 8528 Vulnerability

By ICS-CERT Alert Document β€” March 30th 2017 at 14:10
NCCIC/ICS-CERT is aware of a public report of a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting the embedded webserver (β€œPST10 WebServer”) in Miele Professional PG 8528, a large capacity washer and disinfector used in hospitals and laboratory settings to disinfect medical and laboratory equipment. According to this report, the vulnerability is remotely exploitable.
☐ β˜† βœ‡ ICS-CERT Alert Feed

DICOM Standard in Medical Devices

By Alert Document β€” June 11th 2019 at 16:15
NCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information. According to this report, the vulnerability is exploitable by embedding executable code into the 128 byte preamble. This report was released without coordination with NCCIC or any known vendor.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Meltdown and Spectre Vulnerabilities (Update J)

By Alert Document β€” January 11th 2018 at 17:51
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
☐ β˜† βœ‡ ICS-CERT Alert Feed

WAGO PFC200

By Alert Document β€” December 7th 2017 at 21:11
NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port. This report was released after attempted coordination with WAGO. NCCIC has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. NCCIC is issuing this alert to provide notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Eaton ELCSoft Vulnerabilities

By Alert Document β€” August 4th 2017 at 19:11
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, identified that an attacker can leverage these vulnerabilities to execute arbitrary code in the context of the process. ICS-CERT has notified the affected vendor, who has reported that they are planning to address the vulnerabilities. No timeline has been provided. ICS-CERT is issuing this alert to provide notice of the report and to identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
☐ β˜† βœ‡ ICS-CERT Alert Feed

CAN Bus Standard Vulnerability

By Alert Document β€” July 28th 2017 at 19:34
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard. According to the public report, which was coordinated with ICS-CERT prior to its public release, researchers Andrea Palanca, Eric Evenchick, Federico Maggi, and Stefano Zanero identified a vulnerability exploiting a weakness in the CAN protocol that allows an attacker to perform a denial-of-service (DoS) attack.
☐ β˜† βœ‡ ICS-CERT Alert Feed

CRASHOVERRIDE Malware

By Alert Document β€” July 25th 2017 at 16:45
CRASHOVERRIDE, aka, Industroyer, is the fourth family of malware publically identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers. Additional modules include a data-wiping component and a module capable of causing a denial of service (DoS) to Siemens SIPROTEC devices.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Petya Malware Variant (Update C)

By Alert Document β€” June 30th 2017 at 21:09
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries. ICS-CERT is releasing this alert to enhance the awareness of critical infrastructure asset owners/operators about the Petya variant and to identify product vendors that have issued recommendations to mitigate the risk associated with this malware.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Indicators Associated With WannaCry Ransomware (Update I)

By Alert Document β€” May 15th 2017 at 23:16
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-135-01H Indicators Associated With WannaCry Ransomware that was published May 31, 2017, on the NCCIC/ICS-CERT web site.
☐ β˜† βœ‡ ICS-CERT Alert Feed

BrickerBot Permanent Denial-of-Service Attack (Update A)

By Alert Document β€” April 12th 2017 at 15:02
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-102-01A BrickerBot Permanent Denial-of-Service Attack that was published April 12, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of open-source reports of β€œBrickerBot” attacks, which exploit hard-coded passwords in IoT devices in order to cause a permanent denial of service (PDoS). This family of botnets, which consists of BrickerBot.1 and BrickerBot.2, was described in a Radware Attack Report.
☐ β˜† βœ‡ ICS-CERT Alert Feed

Miele Professional PG 8528 Vulnerability

By Alert Document β€” March 30th 2017 at 14:10
NCCIC/ICS-CERT is aware of a public report of a directory traversal vulnerability with proof-of-concept (PoC) exploit code affecting the embedded webserver (β€œPST10 WebServer”) in Miele Professional PG 8528, a large capacity washer and disinfector used in hospitals and laboratory settings to disinfect medical and laboratory equipment. According to this report, the vulnerability is remotely exploitable.
☐ β˜† βœ‡ ICS-CERT Alert Feed

MEMS Accelerometer Hardware Design Flaws (Update A)

By Alert Document β€” March 14th 2017 at 14:10
This updated alert is a follow-up to the original alert titled ICS-ALERT-17-073-01 MEMS Accelerometer Hardware Design Flaws that was published March 14, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of public reporting of hardware design flaws in some capacitive micro-electromechanical systems (MEMS) accelerometer sensors, which are produced by the following manufacturers: Robert Bosch GmbH, STMicroelectronics, InvenSense Inc., Analog Devices Inc., and Murata Manufacturing Company.
❌