InfoSecBulletin Cybersecurity for mankind
CISA has released three Industrial Control Systems (ICS) advisories on July 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations:
ICSA-23-187-01 PiiGAB M-Bus
ICSA-23-187-02 ABUS TVIP
ICSA-23-143-03 Mitsubishi Electric MELSEC Series CPU module (Update A)
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
Industrial Control Systems vulnerabilities: PiiGAB M-Bus
These vulnerabilities include:
Code injection (CVE-2023-36859)
Improper restriction of authentication attempts (CVE-2023-33868)
Unprotected transport of credentials (CVE-2023-31277)
Use of hard-coded credentials (CVE-2023-35987)
Plaintext storage of passwords (CVE-2023-35765)
Cross-site scripting (CVE-2023-32652)
Weak password requirements (CVE-2023-34995)
Use of weak password hash (CVE-2023-34433)
Cross-site request forgery (CVE-2023-35120)
Industrial Control Systems vulnerabilities: ABUS TVIP
ABUS, a vendor of security camera systems, has identified vulnerability in their ABUS TVIP indoor security camera that could allow remote attackers to execute arbitrary code. The vulnerability, known as command injection, occurs when an attacker is able to inject malicious code into a system by exploiting a flaw in the application’s input validation. In this case, the vulnerability exists in a specific field of the camera’s configuration.
Once the attacker has successfully injected the malicious code, they can then execute it on the system, which could lead to a variety of consequences, such as arbitrary file reads or remote code execution. The severity of this vulnerability is rated as moderate, and public exploits are available. ABUS has released a patch for the vulnerability, and users are advised to update their cameras as soon as possible.
ICS vulnerabilities: Mitsubishi Electric MELSEC Series CPU Module
Mitsubishi Electric has released a firmware update to address vulnerability in their MELSEC Series CPU modules. The vulnerability, tracked as CVE-2023-1424, is a classic buffer overflow that could allow a remote attacker to cause a denial-of-service condition or execute malicious code.
The vulnerability exists due to inadequate input size checks in the affected modules. An attacker could exploit this vulnerability by sending specially crafted packets to the affected modules. If successful, the attacker could cause a denial-of-service condition or execute malicious code on the affected system.
Mitsubishi Electric has released firmware updates to address this vulnerability. Users are advised to update their firmware as soon as possible.
