#dos

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerMonitor 1000 Remote Vulnerabilities: Unprotected Alternate Channel, Heap-based Buffer Overflow, Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform edit operations, create admin users, perform factory reset, execute arbitrary code, or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports the following versions of PowerMonitor 1000 Remote are affected: PM1k 1408-BC3A-485: Versions prior to 4.020 PM1k 1408-BC3A-ENT: Versions prior to 4.020 PM1k 1408-TS3A-485: Versions prior to 4.020 PM1k 1408-TS3A-ENT: Versions prior to 4.020 PM1k 1408-EM3A-485: Versions prior to 4.020 PM1k 1408-EM3A-ENT: Versions prior to 4.020 PM1k 1408-TR1A-485: Versions prior to 4.020 PM1k 1408-TR2A-485: Versions prior to 4.020 PM1k 1408-EM1A-485: Vers...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TropOS Devices Series 1400/2400/6400 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Hitachi Energy are affected: TropOS devices series 1400/2400/6400: All versions prior to 8.9.6 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. CVE-2013-5211 has been assigned to this vulnerability. A CVSS v3 base score of 5.3 has been assigned; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). 3....

The ABB Cylon Aspect BMS/BAS controller allows users to bypass authentication by setting the 'content' POST parameter. This enables an attacker to inject arbitrary configuration overrides, potentially leading to unauthorized changes and compromising system integrity. The vulnerability can be exploited to update the /usr/local/aam/etc/override.properties file. This file contains critical configuration overrides such as enabling overrides (Override.enabled=true) and setting specific properties like debug.level=1. The runjava.VARIANT* script then sources this file during execution, applying the overrides when the system reboots or the application restarts. This allows attackers to manipulate critical system settings, potentially causing performance degradation, introducing security risks, or resulting in a denial of service scenario.

The ABB Cylon Aspect BMS/BAS controller allows users to bypass authentication by setting the 'content' POST parameter. This enables an attacker to inject arbitrary configuration overrides, potentially leading to unauthorized changes and compromising system integrity. The vulnerability can be exploited to update the /usr/local/aam/etc/override.properties file. This file contains critical configuration overrides such as enabling overrides (Override.enabled=true) and setting specific properties like debug.level=1. The runjava.VARIANT* script then sources this file during execution, applying the overrides when the system reboots or the application restarts. This allows attackers to manipulate critical system settings, potentially causing performance degradation, introducing security risks, or resulting in a denial of service scenario.

An authenticated access vulnerability in the aspectMemory.php script of ABB Cylon Aspect BMS/BAS controllers allows attackers to set arbitrary values for Java heap memory parameters (HEAPMIN and HEAPMAX). This configuration is written to /usr/local/aam/etc/javamem. The absence of input validation can lead to system performance degradation, Denial-of-Service (DoS) conditions, and crashes of critical Java applications.

An authenticated access vulnerability in the aspectMemory.php script of ABB Cylon Aspect BMS/BAS controllers allows attackers to set arbitrary values for Java heap memory parameters (HEAPMIN and HEAPMAX). This configuration is written to /usr/local/aam/etc/javamem. The absence of input validation can lead to system performance degradation, Denial-of-Service (DoS) conditions, and crashes of critical Java applications.

Boundary Community Edition and Boundary Enterprise (“Boundary”) incorrectly handle HTTP requests during the initialization of the Boundary controller, which may cause the Boundary server to terminate prematurely. Boundary is only vulnerable to this flaw during the initialization of the Boundary controller, which on average is measured in milliseconds during the Boundary startup process. This vulnerability, CVE-2024-12289, is fixed in Boundary Community Edition and Boundary Enterprise 0.16.4, 0.17.3, 0.18.2.

Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations.

In Operation PowerOFF, global authorities aim to deter individuals from engaging in malicious cyber acts.

Just in time for the holidays!