
Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of August 20 - 26. Sign up to get these updates right to your inbox!

AUGUST 24, 2023

KNX Protocol

KNX Protocol contains an overly restrictive account lockout mechanism vulnerability that could cause users to lose access to their device, potentially with no way to reset it.


Sources: CISA

OPTO 22 SNAP PAC S1

OPTO 22 SNAP PAC S1 contains improper restriction of excessive authentication attempts, weak password requirements, improper access control and uncontrolled resource consumption vulnerabilities that could allow an attacker to brute-force passwords, access certain device files or cause a denial-of-service condition.
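The KNX and Opto 22 entries above are opposite failure modes of the same control. No limit on failed logins lets an attacker guess passwords indefinitely; a lock that never expires turns a handful of wrong passwords into a permanent denial of service with no recovery path. The following is an added example, not code from KNX, Opto 22 or CISA, of a lockout policy that sits between the two: the lock duration escalates with each further failure, so guessing is throttled hard, but it is capped and always expires on its own, and an operator can still clear it out of band. The thresholds and the `LoginGuard` and `simulate_attacker` names are illustrative choices.

```python
"""Added example: an account-lockout policy that bounds password guessing
without ever locking an account out permanently. Thresholds are illustrative."""
from dataclasses import dataclass

MAX_FREE_FAILURES = 5         # failures tolerated before the first lock
BASE_LOCK_SECONDS = 30.0      # first lock length; doubles with each further failure
MAX_LOCK_SECONDS = 15 * 60.0  # hard cap, so every lock expires on its own


@dataclass
class AccountState:
    failures: int = 0         # consecutive failed logins
    lock_until: float = 0.0   # timestamp at which the current lock ends


class LoginGuard:
    """Tracks failed logins per account; `now` is a caller-supplied clock (seconds)."""

    def __init__(self):
        self._accounts = {}

    def _state(self, user):
        return self._accounts.setdefault(user, AccountState())

    def seconds_until_unlock(self, user, now):
        return max(0.0, self._state(user).lock_until - now)

    def record_attempt(self, user, password_ok, now):
        """Returns 'locked' (credentials not even checked), 'ok', 'denied',
        or 'lockout_started' (a wrong password that started or extended a lock)."""
        s = self._state(user)
        if now < s.lock_until:
            return "locked"
        if password_ok:
            s.failures = 0
            s.lock_until = 0.0
            return "ok"
        s.failures += 1
        if s.failures < MAX_FREE_FAILURES:
            return "denied"
        # Escalate: 30s, 60s, 120s, ... capped at MAX_LOCK_SECONDS.
        # The exponent is bounded so a long-running attack cannot overflow the clock.
        escalation = min(s.failures - MAX_FREE_FAILURES, 20)
        duration = min(BASE_LOCK_SECONDS * (2 ** escalation), MAX_LOCK_SECONDS)
        s.lock_until = now + duration
        return "lockout_started"

    def operator_unlock(self, user):
        """Out-of-band reset for an administrator; never the only way out of a lock."""
        self._accounts.pop(user, None)


def simulate_attacker(seconds, step=1.0):
    """Attacker submits a wrong password every `step` seconds for `seconds`;
    returns how many guesses the guard actually evaluated in that window."""
    guard = LoginGuard()
    evaluated = 0
    t = 0.0
    while t < seconds:
        if guard.record_attempt("admin", False, t) != "locked":
            evaluated += 1
        t += step
    return evaluated


if __name__ == "__main__":
    print("guesses evaluated in one hour:", simulate_attacker(3600))
    print("guesses evaluated in one day:", simulate_attacker(24 * 3600))
```

With these numbers an attacker hammering the login gets 12 guesses evaluated in the first hour and then roughly four per hour, which makes online brute force impractical against any reasonable password policy, while a legitimate user who mistyped their password is never locked out for more than 15 minutes.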


Sources: CISA

CODESYS Development System

CODESYS Development System contains uncontrolled search path element, improper restriction of excessive authentication attempts and insufficient verification of data authenticity vulnerabilities. The uncontrolled search path could cause users to unknowingly launch a malicious binary placed by a local attacker, the missing limit on authentication attempts could provide a local attacker with account information, and the insufficient verification of data authenticity could allow an attacker in a man-in-the-middle (MITM) position to execute arbitrary code.


Sources: CISA, CODESYS, VDE CERT, VDE CERT

Rockwell Automation Input/Output Modules

Rockwell Automation Input/Output Modules contain an out-of-bounds write vulnerability that could allow an attacker to cause a denial-of-service condition on the affected products.


Sources: CISA, Rockwell Automation

AUGUST 22, 2023

Hitachi Energy AFF66x

Hitachi Energy AFF66x contains cross-site scripting, use of insufficiently random values, origin validation error, integer overflow or wraparound, uncontrolled resource consumption and NULL pointer dereference vulnerabilities that could allow an attacker to compromise availability, integrity and confidentiality of the targeted devices.

Sources: CISA, Hitachi

Trane Thermostats

Trane Thermostats contain an injection vulnerability that could allow an attacker to execute arbitrary commands as root using a specially crafted filename.
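The Trane entry above has the classic shape of OS command injection through a file name: the name is spliced into a shell command line that runs as root, so shell metacharacters in the name become additional commands with root privileges. The following added example (not Trane's or CISA's code; the `process_file_*` and `is_safe_name` names and the allowlist pattern are illustrative) runs a harmless stand-in for the privileged tool both ways, so the output shows the injected command executing in the vulnerable form and the hardened form refusing the name and passing arguments without a shell in between.

```python
"""Added example: OS command injection through a file name, vulnerable and hardened.
Illustrative code; the stand-in tool just prints its first argument."""
import re
import subprocess
import sys

# Harmless stand-in for the privileged tool the service would run on the file:
# it prints its first argument, so the output shows exactly what got executed.
TOOL_SCRIPT = "import sys; print(sys.argv[1])"

# Allowlist: plain file names only. No leading '-' (option injection),
# no '/' and no leading '.' (path traversal), bounded length.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,254}")


def is_safe_name(filename):
    return SAFE_NAME.fullmatch(filename) is not None


def process_file_vulnerable(filename):
    """Vulnerable: the user-controlled name is spliced into one shell string, so
    ';', '|', '$(...)' and similar characters in the name are executed by /bin/sh."""
    cmd = f"{sys.executable} -c '{TOOL_SCRIPT}' {filename}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def process_file_hardened(filename):
    """Hardened: reject anything outside the allowlist, then pass the name as a
    single argv element to the tool with no shell interpreting it."""
    if not is_safe_name(filename):
        raise ValueError(f"rejected file name: {filename!r}")
    argv = [sys.executable, "-c", TOOL_SCRIPT, filename]
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    payload = "report.txt; echo INJECTED"   # constructed malicious file name
    print(process_file_vulnerable(payload), end="")   # second line shows the injected command ran
    print(process_file_hardened("report.txt"), end="")
    try:
        process_file_hardened(payload)
    except ValueError as err:
        print(err)
```

Passing an argv list instead of a shell string is what stops the injection; the allowlist is a second layer that the argv form alone does not give you, since a name such as `-rf` or `../../etc/shadow` is still a perfectly valid single argument to a privileged tool.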

Sources: CISA

Rockwell Automation ThinManager ThinServer

Rockwell Automation ThinManager ThinServer contains improper input validation vulnerabilities that could allow an attacker to remotely delete arbitrary files with system privileges.


Sources: CISA, Rockwell Automation

Mitsubishi Electric MELSEC WS Series (UPDATE A)

Mitsubishi Electric MELSEC WS Series (UPDATE A) contains an active debug code vulnerability. An attacker who connects to the module via telnet could bypass authentication, log in and reset the module or, if certain conditions are met, disclose or tamper with the module's configuration or rewrite the firmware.


Sources: CISA, Mitsubishi Electric
