InfoSecBulletin Cybersecurity for mankind
CISA published an advisory about Industrial Control Systems (ICS) on February 22, 2024, to inform about security issues, vulnerabilities, and exploits related to ICS.
- ICSA-24-053-01 Delta Electronics CNCSoft-B DOPSoft:
EXECUTIVE SUMMARY
CVSS v3 7.8 - ATTENTION: Low attack complexity
Vendor: Delta Electronics
Equipment: CNCSoft-B DOPSoft
Vulnerability: Uncontrolled Search Path Element - RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to achieve remote code execution. - AFFECTED PRODUCTS:
The following Delta Electronics products are affected:
CVSS 10.0 Flaw
Critical flaw in Siemens OZW Web Servers Enable Unauthenticated RCEBy infosecbulletin / Wednesday , May 14 2025Siemens issued a security advisory (SSA-047424) for two serious vulnerabilities—CVE-2025-26389 and CVE-2025-26390—impacting the OZW672 and OZW772 web servers. These servers...Read More
Microsoft Patch Tuesday May 2025: 72 flaws, 5 Actively Exploited Zero-Day
By infosecbulletin / Wednesday , May 14 2025Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem,...Read More
OTP glitch disrupted NID services across the country
By infosecbulletin / Tuesday , May 13 2025NID services in Bangladesh are temporarily suspended due to issues with delivering One-Time Passwords (OTP) needed to access the NID...Read More
Google to pay Texas $1.4 billion for location tracking practices
By infosecbulletin / Monday , May 12 2025Google will pay about $1.4 billion to Texas to settle two lawsuits regarding location tracking and biometric data storage without...Read More
YouTube geo-blocks at least 4 Bangladeshi TV channels in India
By infosecbulletin / Friday , May 9 2025YouTube has restricted access to at least four Bangladeshi television channels in India following a takedown request from the Indian...Read More
Microsoft Patches Four Critical Azure and Power Apps Vulns
By infosecbulletin / Friday , May 9 2025Microsoft has fixed critical vulnerabilities in its core cloud services, including Azure Automation, Azure Storage, Azure DevOps, and Microsoft Power...Read More
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
By infosecbulletin / Thursday , May 8 2025The cyber threat landscape is rapidly changing, with a notable increase in ransomware activity in April 2025, driven by the...Read More
SonicWall Patches 3 Flaws in SMA 100 Devices
By infosecbulletin / Thursday , May 8 2025SonicWall has released patches for three security flaws in SMA 100 Secure Mobile Access appliances that could allow remote code...Read More
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
By infosecbulletin / Thursday , May 8 2025From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors,...Read More
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
By infosecbulletin / Thursday , May 8 2025Cisco has issued a security advisory for a critical vulnerability in its IOS XE Software for Wireless LAN Controllers (WLCs)....Read More
CNCSoft-B v1.0.0.4 DOPSoft: versions prior to v4.0.0.82
