PLC J2497 contains vulnerabilities, such as missing authentication for critical function and improper protection against electromagnetic fault injection.

Sources: CISA

Cisco released security updates for three products to address vulnerabilities, such as privilege escalation, denial-of-service and more.

Sources: CISA, Cisco

CISA added 95 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, a list of vulnerabilities that are actively being exploited in the wild.

Sources: Known Exploited Vulnerabilities Catalog, CISA

CISA released an ICS Medical Advisory due to a hard-coded credentials vulnerability in Becton, Dickinson and Company (BD) products that could lead to an attacker gaining access to electronic protected health information or other private information.

Sources: CISA, BD

IPCOMM's ipDIO is vulnerable to cross-site scripting and code injection.

Sources: CISA, IPCOMM

Becton, Dickinson and Company's (BD) Viper LT is vulnerable to use of hard-coded credentials that could allow an attacker to access, modify or delete sensitive information.

Sources: CISA, BD

The NSA released a Network Infrastructure Security Guide that reports best practices for hardening networks against cyber threats.

Sources: NSA, CISA

Google released security updates for Chrome for Windows, Mac and Linux due to vulnerabilities that could allow an attacker to gain control of affected systems.

Sources: CISA, Google

Broadcom Software found an APT campaign against select governments and other critical infrastructure targets.

Sources: CISA, Broadcom Software