InfoSecBulletin Cybersecurity for mankind
CISA published an advisory on May 28, 2024, about Industrial Control Systems (ICS). They share important information about security issues, vulnerabilities, and exploits related to ICS.
ICSA-24-149-01 Campbell Scientific CSI Web Server:
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The Campbell Scientific CSI Web Server supports a command that will return the most recent file that matches a given expression. A specially crafted expression can lead to a path traversal vulnerability. This command combined with a specially crafted expression allows anonymous, unauthenticated access (allowed by default) by an attacker to files and directories outside of the webserver root directory they should be restricted to. CVE-2024-5433 has been assigned to this vulnerability. A CVSS v3.1 base score of 5.3 has been calculated
Successful exploitation of these vulnerabilities could allow an attacker to download files and decode stored passwords.
AFFECTED PRODUCTS
The following versions of Campbell Scientific CSI Web Server and RTMC (Real-Time Monitoring and Control) Pro, which contains the CSI Web Server are affected:
Campbell Scientific CSI Web Server: Versions 1.6 and prior
RTMC Pro: Version 5.0 and prior
CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.
