Search
Close this search box.

Vulnerability Pulse

Every week, we catalog the major industrial cybersecurity vulnerabilities and updates you should know about. Here are the notable threats from the week of June 19 - 25. Sign up to get these updates right to your inbox!

JUNE 24, 2022

Citrix

Citrix released security updates for Hypervisor due to vulnerabilities found that could allow an attacker to gain control of affected systems.

Sources: Citrix, CISA

JUNE 23, 2022

CISA

CISA released its Cloud Security (CS) Technical Architecture (TRA) to guide people on how to securely migrate to the cloud.

Sources: CS TRA, CISA

Elcomplus LLC

Elcomplus LLC SmartICS contains vulnerabilities, such as improper access control, relative path traversal and cross-site scripting.

Sources: SmartICS, CISA

Pyramid Solutions, Inc.

Pyramid Solutions, Inc. Ethernet/IP adapter development kit contains an out-of-bounds vulnerability that could result in a denial-of-service.


Sources: Pyramid Solutions, CISA

Secheron

Secheron SEPCOS Control and Protection Relay contains multiple vulnerabilities, such as improper enforcement of behavioral workflow, lack of administrator control over security, improper privilege management, insufficiently protected credentials and improper access control.


Sources: Secheron, CISA

Yokogawa

Yokogawa Consolidation Alarm Management Software for Human Interface Station (CAMS for HIS) contains a violation of secure design principles vulnerability.

Sources: Yokogawa, CISA

OFFIS

OFFIS DCMTK contains path traversal, relative path traversal and NULL pointer dereference vulnerabilities.

Sources: OFFIS, CISA

Yokogawa

Yokogawa STARDOM contains vulnerabilities, such as cleartext transmission of sensitive information and use of hard-coded credentials that could lead to an attacker altering device configuration settings or tampering with device firmware.

Sources: Yokogawa, CISA

VMware

CISA and the U.S. Coast Guard Cyber Command (CGCYBER) released a joint CSA about the continued exploitation of Log4Shell in VMware Horizon and Unified Access Gateway (UAG) servers.

Sources: VMware, CISA, Joint CSA

JUNE 22, 2022

Google

Google released security updates for Chrome in Windows, Mac and Linux due to vulnerabilities found that could allow an attacker to gain control of affected systems.

Sources: Google Chrome, CISA

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES