The Cyber Security News


CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems

March 22, 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released eight Industrial Control Systems (ICS) advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation.

This includes 13 security vulnerabilities in Delta Electronics’ InfraSuite Device Master, a real-time system monitoring software package. All versions prior to 1..5 are affected by the issues.

“Effective exploitation of these vulnerabilities could permit an unauthenticated attacker to get entry to information and credentials, escalate privileges, and remotely execute arbitrary code,” CISA stated.


Top of the list is CVE-2023-1133 (CVSS score: 9.8), a critical flaw that arises from the fact that InfraSuite Device Master accepts unverified UDP packets and deserializes the content, thereby allowing an unauthenticated remote attacker to execute arbitrary code.

Two other deserialization flaws, CVE-2023-1139 (CVSS score: 8.8) and CVE-2023-1145 (CVSS score: 7.8), could also be weaponized to obtain remote code execution, CISA cautioned.

Piotr Bazydlo and an anonymous security researcher have been credited with identifying and reporting the shortcomings to CISA.

Another set of vulnerabilities relates to Rockwell Automation’s ThinManager ThinServer and affects the following versions of the thin client and remote desktop protocol (RDP) server management software:

  • 6.x – 10.x
  • 11.. – 11..5
  • 11.1. – 11.1.5
  • 11.2. – 11.2.6
  • 12.. – 12..4
  • 12.1. – 12.1.5, and
  • 13.. – 13..1

The most severe of the issues are two path traversal flaws tracked as CVE-2023-28755 (CVSS score: 9.8) and CVE-2023-28756 (CVSS score: 7.5) that could permit an unauthenticated remote attacker to upload arbitrary files to the directory where ThinServer.exe is installed.

Even more troublingly, the adversary could weaponize CVE-2023-28755 to overwrite existing executable files with trojanized versions, potentially leading to remote code execution.


“Successful exploitation of these vulnerabilities could allow an attacker to potentially perform remote code execution on the target system/device or crash the software,” CISA noted.

Users are advised to update to versions 11..6, 11.1.6, 11.2.7, 12..5, 12.1.6, and 13..2 to mitigate potential threats. ThinManager ThinServer versions 6.x – 10.x are retired, requiring that users upgrade to a supported version.

As a workaround, it is also recommended that remote access to port 2031/TCP be limited to known thin clients and ThinManager servers.
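One way to check that the 2031/TCP restriction is actually in effect is to audit firewall or flow logs for connections from hosts outside the approved set. The following is an added example, not code from CISA or Rockwell Automation; the log format, the allowlisted subnets and the sample records are constructed assumptions.

```python
import ipaddress

# Assumed allowlist: subnets holding known thin clients and ThinManager servers.
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in ("10.20.30.0/24", "10.20.40.10/32")]
THINSERVER_PORT = 2031  # TCP port named in the workaround

# Constructed sample flow records (hypothetical format):
# "timestamp proto src_ip:src_port -> dst_ip:dst_port action"
SAMPLE_FLOWS = """\
2023-03-22T09:00:01Z TCP 10.20.30.15:49822 -> 10.20.40.10:2031 ALLOW
2023-03-22T09:00:07Z TCP 192.0.2.77:51514 -> 10.20.40.10:2031 ALLOW
2023-03-22T09:00:09Z UDP 192.0.2.77:51514 -> 10.20.40.10:2031 ALLOW
2023-03-22T09:01:12Z TCP 198.51.100.4:40100 -> 10.20.40.10:2031 DENY
2023-03-22T09:02:30Z TCP 10.20.30.99:50001 -> 10.20.40.10:443 ALLOW
malformed line
"""

def parse_flow(line):
    """Return (proto, src_ip, dst_port, action), or None for unparseable lines."""
    parts = line.split()
    if len(parts) != 6 or parts[3] != "->":
        return None
    try:
        src_ip = ipaddress.ip_address(parts[2].rsplit(":", 1)[0])
        dst_port = int(parts[4].rsplit(":", 1)[1])
    except (ValueError, IndexError):
        return None
    return parts[1].upper(), src_ip, dst_port, parts[5].upper()

def audit_thinserver_access(log_text):
    """Split 2031/TCP traffic from non-allowlisted sources into reached vs blocked."""
    reached, blocked = [], []
    for line in log_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue  # skip records that do not match the assumed format
        proto, src_ip, dst_port, action = flow
        if proto != "TCP" or dst_port != THINSERVER_PORT:
            continue
        if any(src_ip in net for net in ALLOWED_SOURCES):
            continue  # known thin client or ThinManager server
        (reached if action == "ALLOW" else blocked).append(str(src_ip))
    return {"reached": reached, "blocked": blocked}

if __name__ == "__main__":
    print(audit_thinserver_access(SAMPLE_FLOWS))
```

Any address under `reached` indicates the restriction is not being enforced for that path; addresses under `blocked` show the rule working and may merit follow-up as unexpected connection attempts.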

The disclosure comes more than six months after CISA alerted of a high-severity buffer overflow vulnerability in Rockwell Automation ThinManager ThinServer (CVE-2022-38742, CVSS score: 8.1) that could result in arbitrary remote code execution.



Some sections of this article are sourced from:
thehackernews.com
