InfoSecBulletin Cybersecurity for mankind
CISA published an advisory about Industrial Control Systems (ICS) on February 22, 2024, to inform about security issues, vulnerabilities, and exploits related to ICS.
- ICSA-24-053-01 Delta Electronics CNCSoft-B DOPSoft:
EXECUTIVE SUMMARY
CVSS v3 7.8 - ATTENTION: Low attack complexity
Vendor: Delta Electronics
Equipment: CNCSoft-B DOPSoft
Vulnerability: Uncontrolled Search Path Element - RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. - AFFECTED PRODUCTS:
The following Delta Electronics products are affected:
SonicWall patched SSLVPN Vuln Allowing Firewall Crashing
By infosecbulletin / Thursday , April 24 2025SonicWall has revealed a vulnerability in its SonicOS SSLVPN Virtual Office interface that could let remote attackers crash firewall appliances....Read More
GitLab Releases Security Update For Multiple Vulns
By infosecbulletin / Thursday , April 24 2025GitLab has announced a security advisory urging users to upgrade their self-managed installations right away. Versions 17.11.1, 17.10.5, and 17.9.7...Read More
ISPAB president “whatsapp” got hacked via phishing link
By infosecbulletin / Wednesday , April 23 2025Imdadul Haque, the president of Internet Service Provider of Bangladesh (ISPAB) said, I automatically got back my WhatsApp account. What...Read More
Zyxel released patches 2 vulns in its USG FLEX H series firewalls
By infosecbulletin / Wednesday , April 23 2025Zyxel Networks has issued critical security patches for two high-severity vulnerabilities in its USG FLEX H series firewalls. These flaws...Read More
South Korea’s largest SK Telecom Hit by Malware: SIM-related info leaked
By infosecbulletin / Wednesday , April 23 2025South Korea's largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related...Read More
ChatGPT Develops Exploit for CVEs Before Public PoCs Share
By infosecbulletin / Wednesday , April 23 2025Security researcher Matt Keeley showed that artificial intelligence can now develop working exploits for critical vulnerabilities before public proof-of-concept (PoC)...Read More
TP-Link Router Vulns Allow to Execute Malicious SQL Commands
By infosecbulletin / Tuesday , April 22 2025Several vulnerabilities have been found in TP-Link routers, exposing users to serious security risks from SQL injection flaws in their...Read More
SSL.com’s domain validation system’s bug found: Hacker exploited
By infosecbulletin / Tuesday , April 22 2025SSL.com has revealed a major security flaw in its domain validation system, which could enable attackers to acquire fake SSL...Read More
Amazon Follows Microsoft’s Lead, Halts Some Data Center Deals
By infosecbulletin / Tuesday , April 22 2025Amazon has paused some data center lease negotiations for its cloud division, particularly in international markets, according to Wells Fargo...Read More
Hackers Exploit Zoom’s Remote Control Feature for System Access
By infosecbulletin / Monday , April 21 2025ELUSIVE COMET is a threat actor conducting a sophisticated attack campaign that uses Zoom's remote control feature to access victims'...Read More
CNCSoft-B v1.0.0.4 DOPSoft: versions prior to v4.0.0.82
