A remote attacker can obtain sensitive information that expands the attack surface.
Serious vulnerabilities have been found in Intel processors. These flaws also affect industrial equipment. Intel has released the relevant updates and equipment vendors now need to integrate them...
A remote attacker can get administrative privileges using default credentials.
2017 was one of the most eventful years in terms of information security incidents affecting industrial systems, and it changed the way industrial companies think about protecting key operational...
Vulnerabilities in Siemens SWT 3000, a system used in the energy sector, allow attackers to gain access to sensitive information, circumvent authentication and conduct a DoS attack.
A remote attacker can craft a malicious link and send it to a privileged user. This can cause denial of service.
Siemens SCALANCE industrial solutions are affected by Dnsmasq vulnerabilities. An attacker could execute arbitrary code or conduct a DoS attack.
An authenticated attacker with low privileges can activate a high-privileged user and use it to expand the attack surface.
Kaspersky Lab ICS CERT experts have held the first tech talk on industrial cyber security at UC Berkeley.
The Satori botnet has used embedded exploits to attack ports 37215 and 52869. After reaching the size of 280,000 active bots, the botnet has suddenly folded its operations.
Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software.
The TRITON attack demonstrates an important property of attacks on industrial enterprises: they may show no signs of malicious computer activity.
ENISA has released a new study: “Good Practices for Security of Internet of Things in the context of Smart Manufacturing”. Kaspersky Lab ICS CERT experts contributed to the study.
Attackers can take advantage of vulnerabilities in the PAN-OS management interface to execute arbitrary code with superuser privileges.
Vulnerabilities in Intel, ARM64 and AMD processors allow unauthorized access to virtual memory contents. Vulnerable devices include industrial equipment.
Exploitation of vulnerabilities in Siemens SINUMERIK controllers could allow remote code execution, privilege escalation and device denial-of-service conditions.
LibVNCServer before release 0.9.12 contains a heap out-of-bounds write vulnerability in the server code of the file transfer extension, which can result in remote code execution.
An improper input validation vulnerability has been identified in the Nari PCS-9611 protection relay. Although an exploit for the vulnerability exists, the vendor has so far not commented on the problem.
A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical...
LibVNCServer before release 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in VNC client code, which can result in remote code execution.
Remote exploitation of the discovered vulnerabilities leads to full compromise of the system with Saperion webclient.
A new variant of the Mirai botnet can set up proxy servers on infected IoT devices.
LibVNCServer before release 0.9.12 contains a heap out-of-bounds write vulnerability in a structure in VNC client code, which can result in remote code execution.
28 industrial solutions by Siemens are affected by vulnerabilities in Intel ME, SPS and TXE technologies. The vendor has released patches for all of these products and made these patches available...
LibVNCServer before release 0.9.12 contains a CWE-835: Infinite Loop vulnerability in VNC client code. The vulnerability could allow an attacker to consume an excessive amount of resources, such...
The researchers at Kaspersky Lab ICS CERT decided to check the popular smart camera to see how well protected it is against cyber abuses.
In this report, Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (Kaspersky Lab ICS CERT) publishes the findings of its research on the threat landscape for industrial...
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple CWE-665: Improper Initialization weaknesses in VNC client code, which could allow an attacker to read stack memory and can...
LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains a CWE-665: Improper Initialization vulnerability in VNC Repeater client code, which could allow an attacker to read stack memory and...
A critical vulnerability in the Moxa AWK-3131A industrial access point could allow an unauthorized attacker to execute arbitrary code by injecting system commands.