Category vulnerabilities

10 Major Vulnerabilities Identified in CODESYS Industrial Automation Software

Cybersecurity researchers revealed ten significant flaws in CODESYS automation software that could allow remote code execution on programmable logic controllers (PLCs). According to experts from Positive Technologies, an attacker requires only network access to exploit these vulnerabilities—no username or password is necessary. The root cause lies in inadequate input data verification, often due to non-adherence to secure development practices. The Russian cybersecurity firm identified these flaws in a PLC produced by WAGO, which, along with other automation companies like Beckhoff, Kontron, Moeller, Festo, Mitsubishi, and HollySys, utilizes CODESYS software for programming and configuring their controllers. CODESYS provides a development environment for programming controller applications.

Critical Vulnerabilities Discovered in CODESYS Automation Software On June 4, 2021, cybersecurity experts released alarming findings regarding multiple vulnerabilities in CODESYS industrial automation software. These vulnerabilities, numbering up to ten, pose significant risks as they can potentially be exploited to enable remote code execution on programmable logic controllers (PLCs). According…

Read More

10 Major Vulnerabilities Identified in CODESYS Industrial Automation Software

Cybersecurity researchers revealed ten significant flaws in CODESYS automation software that could allow remote code execution on programmable logic controllers (PLCs). According to experts from Positive Technologies, an attacker requires only network access to exploit these vulnerabilities—no username or password is necessary. The root cause lies in inadequate input data verification, often due to non-adherence to secure development practices. The Russian cybersecurity firm identified these flaws in a PLC produced by WAGO, which, along with other automation companies like Beckhoff, Kontron, Moeller, Festo, Mitsubishi, and HollySys, utilizes CODESYS software for programming and configuring their controllers. CODESYS provides a development environment for programming controller applications.

Instagram Bug Exposed Private Accounts, Allowing Unfettered Access to Archived Content

June 15, 2021

Instagram has resolved a significant vulnerability that permitted anyone to access archived posts and stories from private accounts without needing to follow them. Security researcher Mayur Fartade revealed in a Medium post today that “this bug could have allowed a malicious user to view targeted media on Instagram.” By leveraging the Media ID, an attacker could see details of private posts, stories, reels, and IGTV videos without following the user. Fartade reported the issue to Facebook’s security team on April 16, 2021, and the flaw was patched on June 15, leading to a $30,000 reward for his efforts through the company’s bug bounty program. Although exploiting this vulnerability required knowledge of the media ID, Fartade demonstrated that by brute-forcing the identifiers, it was feasible to send a POST request to a GraphQL endpoint and access sensitive information. As a result of this flaw, details like likes, comments, and saves could have been exposed.

Instagram Security Vulnerability Exposed Private Accounts June 15, 2021 Instagram has recently addressed a significant security vulnerability that permitted unauthorized access to archived media from private accounts. This flaw allowed any individual to view posts and stories of users without needing to follow them, raising serious concerns about personal data…

Read More

Instagram Bug Exposed Private Accounts, Allowing Unfettered Access to Archived Content

June 15, 2021

Instagram has resolved a significant vulnerability that permitted anyone to access archived posts and stories from private accounts without needing to follow them. Security researcher Mayur Fartade revealed in a Medium post today that “this bug could have allowed a malicious user to view targeted media on Instagram.” By leveraging the Media ID, an attacker could see details of private posts, stories, reels, and IGTV videos without following the user. Fartade reported the issue to Facebook’s security team on April 16, 2021, and the flaw was patched on June 15, leading to a $30,000 reward for his efforts through the company’s bug bounty program. Although exploiting this vulnerability required knowledge of the media ID, Fartade demonstrated that by brute-forcing the identifiers, it was feasible to send a POST request to a GraphQL endpoint and access sensitive information. As a result of this flaw, details like likes, comments, and saves could have been exposed.

Urgent: Update Your Chrome Browser to Address New 0-Day Vulnerability

June 18, 2021

Google has released an important update for the Chrome browser on Windows, Mac, and Linux to resolve four security vulnerabilities, including a critical zero-day flaw currently being exploited. This issue, identified as CVE-2021-30554, is a high-severity “use after free” vulnerability in WebGL (Web Graphics Library), which is a JavaScript API used for rendering interactive 2D and 3D graphics in the browser. Exploiting this flaw could lead to data corruption, crashes, and unauthorized execution of code or commands. Google received an anonymous report about the vulnerability on June 15, and Chrome technical program manager Srinivas Sista confirmed that the company is “aware that an exploit for CVE-2021-30554 exists in the wild.” While it’s standard practice to withhold specific details until most users have applied the fix, this announcement comes just days after Google addressed another zero-day vulnerability.

Update Your Chrome Browser to Address Critical 0-Day Vulnerability On June 18, 2021, Google announced the release of a significant update for its Chrome browser, applicable to Windows, Mac, and Linux systems, aimed at rectifying multiple security vulnerabilities. This update specifically targets four identified flaws, one of which is a…

Read More

Urgent: Update Your Chrome Browser to Address New 0-Day Vulnerability

June 18, 2021

Google has released an important update for the Chrome browser on Windows, Mac, and Linux to resolve four security vulnerabilities, including a critical zero-day flaw currently being exploited. This issue, identified as CVE-2021-30554, is a high-severity “use after free” vulnerability in WebGL (Web Graphics Library), which is a JavaScript API used for rendering interactive 2D and 3D graphics in the browser. Exploiting this flaw could lead to data corruption, crashes, and unauthorized execution of code or commands. Google received an anonymous report about the vulnerability on June 15, and Chrome technical program manager Srinivas Sista confirmed that the company is “aware that an exploit for CVE-2021-30554 exists in the wild.” While it’s standard practice to withhold specific details until most users have applied the fix, this announcement comes just days after Google addressed another zero-day vulnerability.

NVIDIA Jetson Chipsets Vulnerable to Critical Security Flaws

On June 22, 2021, U.S. graphics chip manufacturer NVIDIA issued software updates to patch 26 vulnerabilities in its Jetson system-on-module (SOM) lineup. These flaws could allow attackers to escalate privileges and potentially cause denial-of-service or information disclosure issues. Ranging from CVE‑2021‑34372 to CVE‑2021‑34397, the vulnerabilities impact several Jetson products, including the TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, and Nano, as well as the Nano 2GB, all running Jetson Linux versions prior to 32.5.1. The issues were reported by Frédéric Perriot of Apple Media Products. NVIDIA’s Jetson line is designed for AI and computer vision applications, catering primarily to autonomous systems and mobile robots. A major concern is CVE‑2021‑34372, a buffer overflow vulnerability in the Trusty trusted execution environment (TEE) with a CVSS score of 8.2.

NVIDIA Jetson Chipsets Vulnerable to Critical Security Flaws On June 22, 2021, NVIDIA, a prominent player in the graphics chip industry, announced the release of critical software updates aimed at mitigating 26 vulnerabilities within its Jetson system-on-module (SOM) series. These vulnerabilities could potentially be exploited by malicious actors to escalate…

Read More

NVIDIA Jetson Chipsets Vulnerable to Critical Security Flaws

On June 22, 2021, U.S. graphics chip manufacturer NVIDIA issued software updates to patch 26 vulnerabilities in its Jetson system-on-module (SOM) lineup. These flaws could allow attackers to escalate privileges and potentially cause denial-of-service or information disclosure issues. Ranging from CVE‑2021‑34372 to CVE‑2021‑34397, the vulnerabilities impact several Jetson products, including the TX1, TX2 series, TX2 NX, AGX Xavier series, Xavier NX, and Nano, as well as the Nano 2GB, all running Jetson Linux versions prior to 32.5.1. The issues were reported by Frédéric Perriot of Apple Media Products. NVIDIA’s Jetson line is designed for AI and computer vision applications, catering primarily to autonomous systems and mobile robots. A major concern is CVE‑2021‑34372, a buffer overflow vulnerability in the Trusty trusted execution environment (TEE) with a CVSS score of 8.2.

Critical Authentication Bypass Vulnerability Discovered in VMware Carbon Black App Control

June 24, 2021
VMware has released security updates addressing a significant vulnerability in Carbon Black App Control that could allow attackers to bypass authentication and potentially take control of affected systems. Labeled CVE-2021-21998, this flaw has received a severity score of 9.4 out of 10 according to the Common Vulnerability Scoring System (CVSS). It impacts App Control versions 8.0.x, 8.1.x, 8.5.x, and 8.6.x. Carbon Black App Control serves as a security measure to protect critical systems and servers from unauthorized changes amidst cyber threats while ensuring compliance with regulations like PCI-DSS, HIPAA, GDPR, SOX, FISMA, and NERC. “An attacker with network access to the VMware Carbon Black App Control management server may gain administrative access without needing authentication,” the California-based cloud computing and virtualization company stated in a recent advisory.

VMware Addresses Serious Authentication Flaw in Carbon Black App Control On June 24, 2021, VMware announced the release of critical security updates designed to remediate a significant vulnerability in its Carbon Black App Control software. This flaw, designated as CVE-2021-21998, boasts a severity rating of 9.4 out of 10 according…

Read More

Critical Authentication Bypass Vulnerability Discovered in VMware Carbon Black App Control

June 24, 2021
VMware has released security updates addressing a significant vulnerability in Carbon Black App Control that could allow attackers to bypass authentication and potentially take control of affected systems. Labeled CVE-2021-21998, this flaw has received a severity score of 9.4 out of 10 according to the Common Vulnerability Scoring System (CVSS). It impacts App Control versions 8.0.x, 8.1.x, 8.5.x, and 8.6.x. Carbon Black App Control serves as a security measure to protect critical systems and servers from unauthorized changes amidst cyber threats while ensuring compliance with regulations like PCI-DSS, HIPAA, GDPR, SOX, FISMA, and NERC. “An attacker with network access to the VMware Carbon Black App Control management server may gain administrative access without needing authentication,” the California-based cloud computing and virtualization company stated in a recent advisory.

Microsoft Edge Vulnerability Could Have Allowed Hackers to Access Your Data on Any Website

On June 28, 2021, Microsoft released updates for the Edge browser addressing two security flaws, one of which involves a critical security bypass vulnerability. This flaw could potentially allow hackers to inject and execute arbitrary code across all websites. Identified as CVE-2021-34506 (CVSS score: 5.4), the issue is rooted in a universal cross-site scripting (UXSS) vulnerability that occurs when the browser’s automatic translation feature, powered by Microsoft Translator, is used. The vulnerability was discovered and reported by Ignacio Laurence along with Vansh Devgan and Shivam Kumar Singh from CyberXplore Private Limited. CyberXplore researchers explained, “Unlike conventional XSS attacks, UXSS exploits client-side vulnerabilities in the browser or extensions to create an XSS condition and run malicious code.”

Security Flaw in Microsoft Edge Could Have Exposed User Data Across Websites June 28, 2021 Microsoft recently issued updates to its Edge browser addressing two critical security vulnerabilities. Among these is a significant security bypass flaw that has raised concerns regarding the potential for malicious actors to inject and execute…

Read More

Microsoft Edge Vulnerability Could Have Allowed Hackers to Access Your Data on Any Website

On June 28, 2021, Microsoft released updates for the Edge browser addressing two security flaws, one of which involves a critical security bypass vulnerability. This flaw could potentially allow hackers to inject and execute arbitrary code across all websites. Identified as CVE-2021-34506 (CVSS score: 5.4), the issue is rooted in a universal cross-site scripting (UXSS) vulnerability that occurs when the browser’s automatic translation feature, powered by Microsoft Translator, is used. The vulnerability was discovered and reported by Ignacio Laurence along with Vansh Devgan and Shivam Kumar Singh from CyberXplore Private Limited. CyberXplore researchers explained, “Unlike conventional XSS attacks, UXSS exploits client-side vulnerabilities in the browser or extensions to create an XSS condition and run malicious code.”

Researchers Release PoC Exploit for Critical Windows RCE Vulnerability

On June 30, 2021, a proof-of-concept (PoC) exploit for a remote code execution vulnerability in the Windows Print Spooler, identified as CVE-2021-1675, was temporarily posted online before being removed. This security flaw, which Microsoft addressed in a Patch Tuesday update on June 8, 2021, could allow remote attackers to gain complete control over affected systems. The Print Spooler component, responsible for managing printer operations and loading drivers, poses significant risks due to its wide attack surface and high privilege level that enables the dynamic loading of third-party binaries. Shortly after the initial patch, Microsoft updated its assessment of the vulnerability’s impact from an elevation of privilege to remote code execution (RCE) and increased the severity rating.

Researchers Disclose PoC Exploit for Critical Windows RCE Vulnerability On June 30, 2021, news emerged regarding the brief online availability of a proof-of-concept (PoC) exploit linked to a critical remote code execution (RCE) vulnerability in the Windows Print Spooler service. This vulnerability, cataloged as CVE-2021-1675, was identified as potentially allowing…

Read More

Researchers Release PoC Exploit for Critical Windows RCE Vulnerability

On June 30, 2021, a proof-of-concept (PoC) exploit for a remote code execution vulnerability in the Windows Print Spooler, identified as CVE-2021-1675, was temporarily posted online before being removed. This security flaw, which Microsoft addressed in a Patch Tuesday update on June 8, 2021, could allow remote attackers to gain complete control over affected systems. The Print Spooler component, responsible for managing printer operations and loading drivers, poses significant risks due to its wide attack surface and high privilege level that enables the dynamic loading of third-party binaries. Shortly after the initial patch, Microsoft updated its assessment of the vulnerability’s impact from an elevation of privilege to remote code execution (RCE) and increased the severity rating.

Microsoft Alerts Users to Critical “PrintNightmare” Vulnerability Under Active Exploitation

On July 2, 2021, Microsoft confirmed that the “PrintNightmare” remote code execution (RCE) vulnerability in the Windows Print Spooler differs from a previously addressed issue in its recent Patch Tuesday update. The company has observed active attempts to exploit this flaw, tracked under CVE-2021-34527, with a severity rating of 8.8 on the CVSS scale. All Windows versions are affected by this vulnerability. Microsoft stated, “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.” Successful exploitation could allow attackers to execute arbitrary code with SYSTEM privileges, enabling them to install programs, manipulate data, or create accounts with full user rights.

Microsoft Alerts on Critical Vulnerability Exploited in the Wild On July 2, 2021, Microsoft confirmed a severe vulnerability, dubbed “PrintNightmare,” affecting the Windows Print Spooler. Unlike a previous issue resolved in its Patch Tuesday update, this vulnerability is distinct and currently under active exploitation attempts. Microsoft has designated this flaw…

Read More

Microsoft Alerts Users to Critical “PrintNightmare” Vulnerability Under Active Exploitation

On July 2, 2021, Microsoft confirmed that the “PrintNightmare” remote code execution (RCE) vulnerability in the Windows Print Spooler differs from a previously addressed issue in its recent Patch Tuesday update. The company has observed active attempts to exploit this flaw, tracked under CVE-2021-34527, with a severity rating of 8.8 on the CVSS scale. All Windows versions are affected by this vulnerability. Microsoft stated, “A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations.” Successful exploitation could allow attackers to execute arbitrary code with SYSTEM privileges, enabling them to install programs, manipulate data, or create accounts with full user rights.

Microsoft Releases Urgent Patch for Critical PrintNightmare Vulnerability in Windows

Microsoft has issued an emergency out-of-band security update to address a critical zero-day vulnerability, dubbed “PrintNightmare,” affecting the Windows Print Spooler service. This flaw, tracked as CVE-2021-34527 (with a CVSS score of 8.8), enables remote threat actors to execute arbitrary code and potentially seize control of affected systems. The issue impacts all supported versions of Windows, and the company recently reported active exploitation attempts targeting this vulnerability. According to the CERT Coordination Center, the Windows Print Spooler service does not adequately restrict access to functionalities that allow users to add printers and drivers, thus enabling a remote authenticated attacker to execute arbitrary code with SYSTEM privileges. Notably, PrintNightmare encompasses both remote code execution and local privilege escalation vectors that could be exploited in various attacks.

Microsoft Releases Critical Emergency Patch for PrintNightmare Vulnerability July 7, 2021 Microsoft has announced the urgent deployment of an out-of-band security update aimed at addressing a severe zero-day vulnerability identified as “PrintNightmare.” This flaw, which impacts the Windows Print Spooler service, enables remote threat actors to execute arbitrary code, potentially…

Read More

Microsoft Releases Urgent Patch for Critical PrintNightmare Vulnerability in Windows

Microsoft has issued an emergency out-of-band security update to address a critical zero-day vulnerability, dubbed “PrintNightmare,” affecting the Windows Print Spooler service. This flaw, tracked as CVE-2021-34527 (with a CVSS score of 8.8), enables remote threat actors to execute arbitrary code and potentially seize control of affected systems. The issue impacts all supported versions of Windows, and the company recently reported active exploitation attempts targeting this vulnerability. According to the CERT Coordination Center, the Windows Print Spooler service does not adequately restrict access to functionalities that allow users to add printers and drivers, thus enabling a remote authenticated attacker to execute arbitrary code with SYSTEM privileges. Notably, PrintNightmare encompasses both remote code execution and local privilege escalation vectors that could be exploited in various attacks.