Aggregator

A vulnerability was found in Siemens RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P and RUGGEDCOM RSG2100PNC up to 4.3.9. It has been classified as critical. This affects an unknown part. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2023-52237. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens RUGGEDCOM RMC8388, RUGGEDCOM RMC8388NC, RUGGEDCOM RS416NCv2, RUGGEDCOM RS416PNCv2, RUGGEDCOM RS416Pv2, RUGGEDCOM RS416v2, RUGGEDCOM RS900 (32M), RUGGEDCOM RS900G (32M), RUGGEDCOM RS900GNC(32M), RUGGEDCOM RS900NC(32M), RUGGEDCOM RSG2100 (32M), RUGGEDCOM RSG2100NC(32M), RUGGEDCOM RSG2288, RUGGEDCOM RSG2288NC, RUGGEDCOM RSG2300, RUGGEDCOM RSG2300NC, RUGGEDCOM RSG2300P, RUGGEDCOM RSG2300PNC, RUGGEDCOM RSG2488, RUGGEDCOM RSG2488NC, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P, RUGGEDCOM RSG920PNC, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C and RUGGEDCOM RST916P. It has been declared as critical. This vulnerability affects unknown code of the component Remote Service. The manipulation leads to incorrect privilege assignment. This vulnerability was named CVE-2024-38278. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens SIMATIC S7-PLCSIM, SIMATIC STEP 7 Safety, SIMATIC STEP 7, SIMATIC WinCC Unified, SIMATIC WinCC, SIMOCODE ES, SIMOTION SCOUT TIA, SINAMICS Startdrive, SIRIUS Safety ES and TIA Portal Cloud. It has been classified as very critical. Affected is an unknown function. The manipulation leads to deserialization. This vulnerability is traded as CVE-2024-49849. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as very critical has been found in Siemens SIMATIC S7-PLCSIM, SIMATIC STEP 7 Safety, SIMATIC STEP 7, SIMATIC WinCC Unified, SIMATIC WinCC, SIMOCODE ES, SIMOTION SCOUT TIA, SINAMICS Startdrive, SIRIUS Safety ES and TIA Portal Cloud. This affects an unknown part of the component User Setting Handler. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-52051. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in OctoPrint up to 1.11.1. It has been rated as problematic. This issue affects some unknown processing of the component Web Interface. The manipulation leads to file inclusion. The identification of this vulnerability is CVE-2025-48067. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GNOME libgepub. It has been classified as problematic. This affects an unknown part of the component EPUB File Parser. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2025-6196. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical has been found in Siemens TIA Project-Server and Totally Integrated Automation Portal. Affected is an unknown function. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2025-27127. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Xmlsoft libxml2. This affects an unknown part of the component xmllint. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-6170. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in GitLab Enterprise Edition up to 17.10.7/17.11.3/18.0.1. Affected is an unknown function of the component IP Access Restriction. The manipulation leads to insufficient granularity of access control. This vulnerability is traded as CVE-2025-5982. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OctoPrint up to 1.11.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper neutralization of delimiters. This vulnerability is known as CVE-2025-48879. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in CyberData 011209 SIP Emergency Intercom and classified as very critical. This issue affects some unknown processing of the component File Upload. The manipulation leads to path traversal: '.../...//'. The identification of this vulnerability is CVE-2025-30515. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

As cyberthreats evolve, so must our defenses. One of the most effective forms of modern distributed denial-of-service (DDoS) attacks is carpet bombing—a technique that spreads low-volume attack traffic across a wide range of IP addresses within a network. Unlike traditional DDoS attacks that target a single endpoint...

​当「技术竞赛」转向「生态竞赛」。

LWN 发表的一篇文章谈论了星际译王词典软件的潜在隐私问题。用户在 Debian 上安装星际译王时会默认安装插件包 stardict-plugin，其中之一是网易的有道在线词典插件，该插件还会链接另一个在线词典 dict.cn。在 X11 下星际译王默认会启用扫描功能，监视用户的文本选择通过弹出窗口提供自动翻译。在 Wayland 下该功能被破坏了，因为 Wayland 默认禁止应用程序捕获其它应用的文本。星际译王的 Debian 包维护者 Xiao Sheng Wen 认为这种做法没有问题，指出如果用户不想使用扫描功能或有道插件，可以禁用它们。但 Vincent Lefevre 认为，涉及隐私的功能永远不应该默认启用。用户可能会在文本选择时泄漏敏感信息，比如从密码管理器中复制粘贴密码。

Prove launched Unified Authentication, an authentication solution that passively and persistently recognizes customers, no matter where they appear or how often their devices or credentials change. This launch reflects a critical market shift: identity is no longer just a tool for fraud prevention or compliance – it’s a core enabler of digital commerce. Businesses must seamlessly recognize and authenticate customers across mobile apps, desktops, laptops, call centers, kiosks, and third-party platforms. But as companies move … More →

The post Prove Unified Authentication simplifies identity verification appeared first on Help Net Security.

Уязвимость в Exchange, которая способна обнулить безопасность домена.

Trend Micro announced new agentic AI technology designed to solve the traditional pain points associated with Security Information and Event Management (SIEM). When combined with Trend’s digital twin capabilities it will help to transform security operations by proactively mitigating security risks. “As the cybersecurity stack increasingly becomes AI driven, the security data layer must evolve to support data-hungry agentic capabilities, including infusing agentic AI into core SIEM functions. Trend Vision One Agentic SIEM enters the SIEM … More →

The post Trend Micro improves SIEM performance with agentic AI appeared first on Help Net Security.

实验室特设立开放课题，资助与实验室研究方向密切相关、具有重大科学意义和广泛应用前景的研究课题。

Rapid7 found that threat actors are able to purchase low-cost initial access broker services, with many packages offering a variety of options