Multiple security vulnerabilities have been disclosed in several products, including Honeywell's Experion distributed control system (DCS) and the QuickBlox platform, that, if successfully exploited, could result in severe compromise of affected systems.
Dubbed Crit.IX, the nine flaws in the Honeywell Experion DCS platform allow for "unauthorized remote code execution, which means an attacker would have the power to take over the devices and alter the operation of the DCS controller, while also hiding the alterations from the engineering workstation that manages the controller," Armis said in a statement shared with The Hacker News.
Put differently, the issues stem from a lack of encryption and adequate authentication in Control Data Access (CDA), the proprietary protocol used for communication between Experion servers and C300 controllers. Because nothing on the wire proves who sent a message, a threat actor with network access can take over the devices and alter the operation of the DCS controller.
"As a result, anyone with access to the network is able to impersonate both the controller and the server," Tom Gol, CTO for research at Armis, said. "In addition, there are design flaws in the CDA protocol which make it hard to control the boundaries of the data and can lead to buffer overflows."
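The two properties Gol describes, frames that carry no proof of their sender and a declared length the receiver cannot safely trust, are easier to see side by side. The following is an added illustration written for this page, not Armis's or Honeywell's code, and the frame layout, the command id `SET_SETPOINT`, the pre-shared key and the 256-byte buffer limit are all constructed assumptions; CDA's real wire format is proprietary and is not reproduced here. The naive receiver accepts anything that parses, while the hardened one authenticates first (HMAC-SHA256 under a pre-shared key), then checks that the declared length matches what actually arrived and fits the buffer, then rejects replays by sequence number.

```python
import hashlib
import hmac
import struct

# Illustrative toy protocol, not the CDA wire format (which is proprietary).
# It models the two weaknesses described above: frames carrying nothing that
# proves who sent them, and a declared length the receiver cannot safely trust.

MAX_PAYLOAD = 256                      # assumed size of the receiver's buffer
KEY = b"constructed-shared-key"        # constructed pre-shared key for the demo
SET_SETPOINT = 0x01                    # hypothetical command id for the demo
TAG_LEN = hashlib.sha256().digest_size

HDR = struct.Struct("!HH")             # legacy: declared length, command id
AHDR = struct.Struct("!HHQ")           # hardened: length, command id, sequence


def frame_unauthenticated(cmd: int, payload: bytes) -> bytes:
    """Legacy-style frame: any host on the network can build one."""
    return HDR.pack(len(payload), cmd) + payload


def parse_unauthenticated(frame: bytes) -> tuple[int, bytes]:
    """Naive receiver: believes the declared length and the implied sender."""
    length, cmd = HDR.unpack_from(frame)
    # In C this is where a declared length larger than the buffer overflows it;
    # here the slice silently truncates, which is its own silent failure.
    return cmd, frame[HDR.size:HDR.size + length]


def frame_authenticated(cmd: int, seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Frame with an HMAC-SHA256 tag over header and payload."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the receiver's buffer")
    body = AHDR.pack(len(payload), cmd, seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Hardened receiver: authenticate first, then bound, then accept."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = -1

    def parse(self, frame: bytes) -> tuple[int, bytes]:
        if len(frame) < AHDR.size + TAG_LEN:
            raise ValueError("short frame")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise ValueError("bad authenticator: sender does not hold the key")
        length, cmd, seq = AHDR.unpack_from(body)
        # Boundary check: the declared length must match what actually arrived
        # and must fit the buffer, regardless of who sent the frame.
        if length > MAX_PAYLOAD or length != len(body) - AHDR.size:
            raise ValueError("declared length disagrees with the frame")
        if seq <= self.last_seq:
            raise ValueError("replayed or out-of-order frame")
        self.last_seq = seq
        return cmd, body[AHDR.size:]


def _rejected(rx: Receiver, frame: bytes) -> bool:
    try:
        rx.parse(frame)
    except ValueError:
        return True
    return False


def demo() -> dict:
    """Run the forgery, genuine, replay and oversize cases; returns outcomes."""
    payload = b"\x00\x00\x10\x00"          # constructed sample payload
    results = {}

    # 1. A host with network access but no key forges a command.
    forged = frame_unauthenticated(SET_SETPOINT, payload)
    results["naive_accepts_forgery"] = parse_unauthenticated(forged)[0] == SET_SETPOINT

    rx = Receiver()
    # Same attacker, same lack of key, but aimed at the hardened receiver.
    forged_tagged = AHDR.pack(len(payload), SET_SETPOINT, 1) + payload + bytes(TAG_LEN)
    results["hardened_rejects_forgery"] = _rejected(rx, forged_tagged)

    # 2. A genuine peer is accepted, and a replay of its frame is not.
    genuine = frame_authenticated(SET_SETPOINT, 1, payload)
    results["hardened_accepts_genuine"] = rx.parse(genuine)[0] == SET_SETPOINT
    results["replay_rejected"] = _rejected(rx, genuine)

    # 3. Even a key holder cannot push a declared length past the buffer.
    bad_body = AHDR.pack(MAX_PAYLOAD + 1, SET_SETPOINT, 2) + payload
    oversize = bad_body + hmac.new(KEY, bad_body, hashlib.sha256).digest()
    results["oversize_rejected"] = _rejected(rx, oversize)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The HMAC layer gives integrity and sender authentication only; the missing encryption Armis also mentions would need a transport such as TLS or an authenticated-encryption mode on top, and a pre-shared key is the simplest possible credential rather than a recommendation for a production DCS. The point the example makes is the ordering: verify the authenticator before parsing anything else, and never let a length field drive a copy that the frame itself does not justify.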
In a related development, Check Point and Claroty uncovered critical flaws in QuickBlox, a chat and video calling platform widely used in telemedicine, finance, and smart IoT devices. The vulnerabilities could allow attackers to leak the user databases of the many popular applications that integrate the QuickBlox SDK and API.
One such application belongs to Rozcom, an Israeli vendor that sells intercoms for residential and commercial use. A closer analysis of its mobile app led to the discovery of additional bugs (CVE-2023-31184 and CVE-2023-31185) that made it possible to download all user databases, impersonate any user, and perform full account takeover attacks.
"As a result, we were able to take over all Rozcom intercom devices, giving us full control and enabling us to access device cameras and microphones, wiretap into its feed, open doors managed by the devices, and more," the researchers said.
Also disclosed this week are remote code execution flaws affecting Aerohive/Extreme Networks access points running HiveOS/Extreme IQ Engine versions prior to 10.6r2, and a flaw in the open-source Ghostscript library (CVE-2023-36664, CVSS score: 9.8) that could result in the execution of arbitrary commands.
"Ghostscript is a widely used but not necessarily widely known package," Kroll researcher Dave Truman said. "It can be executed in many different ways, from opening a file in a vector image editor such as Inkscape to printing a file via CUPS. This means that an exploitation of a vulnerability in Ghostscript may not be limited to a single application or be immediately obvious."
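Truman's point is that the exposure is wider than the `gs` package itself, so the first practical step is to find out which Ghostscript is on a host and which programs route input through it. The script below is an added example written for this page, not Kroll's or the Ghostscript project's tooling. It assumes, as the article does not state, that upstream fixed CVE-2023-36664 in Ghostscript 10.01.2; distributions frequently backport fixes without changing the version string, so a "vulnerable" verdict here means "check your vendor's advisory", not "confirmed exploitable". The list of consumer programs is a starting inventory, not an exhaustive one.

```python
import re
import shutil
import subprocess

# Assumption not stated on the page above: upstream fixed CVE-2023-36664 in
# Ghostscript 10.01.2. Distributions often backport fixes without changing the
# version string, so "vulnerable" here means "check the vendor advisory".
FIXED = (10, 1, 2)

# Programs that commonly hand PostScript/PDF input to Ghostscript (the gs
# binary itself, its ps2pdf wrapper, the CUPS daemon whose filters use it,
# Inkscape, and ImageMagick's convert). A starting list, not an exhaustive one.
KNOWN_CONSUMERS = ("gs", "ps2pdf", "cupsd", "inkscape", "convert")

_VER = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(text: str):
    """Extract the first version number from `gs --version` or `gs -v` output.

    Ghostscript prints a zero-padded middle component ('10.01.2'); int() folds
    that to (10, 1, 2). Older releases used two components ('9.27').
    """
    m = _VER.search(text)
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def classify(text: str) -> str:
    """Return 'vulnerable', 'fixed' or 'unknown' for a version string."""
    version = parse_version(text)
    if version is None:
        return "unknown"
    return "vulnerable" if version < FIXED else "fixed"


def installed_ghostscript(binary: str = "gs"):
    """Locate the Ghostscript binary on PATH and classify its version."""
    path = shutil.which(binary)
    if path is None:
        return None
    out = subprocess.run([path, "--version"], capture_output=True, text=True, timeout=10)
    return path, classify(out.stdout)


def present_consumers(names=KNOWN_CONSUMERS) -> list:
    """Which of the known Ghostscript consumers are on this host's PATH."""
    return [n for n in names if shutil.which(n) is not None]


if __name__ == "__main__":
    print("ghostscript:", installed_ghostscript())
    print("consumers on PATH:", present_consumers())
```

Run it on each host that renders or prints documents; the `gs` found on PATH is normally the one CUPS filters and Inkscape call, but applications that ship their own Ghostscript copy, or an embedded libgs, have to be inventoried separately, which is the "not immediately obvious" part of Truman's warning.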
Rounding off the list is the discovery of hard-coded credentials in Technicolor TG670 DSL gateway routers that could be weaponized by an authenticated user to gain full administrative control of the devices.
"A remote attacker can use the default username and password to login as the administrator to the router device," CERT/CC said in an advisory. "This allows the attacker to modify any of the administrative settings of the router and use it in unexpected ways."
Users are advised to disable remote administration on their devices to reduce the exposure to exploitation attempts, and to check with their service providers to determine whether patches and updates are available.
Some parts of this article are sourced from:
thehackernews.com