Browsing Category: Critical Infrastructure

There are a number of serious vulnerabilities in the Siemens Ruggedcom WIN switches, including a remotely exploitable buffer overflow and a flaw that could allow an attacker to take actions on the device without authentication. The vulnerabilities affect several models of the Ruggedcom WIN switches, including WIN51xx all versions prior to SS4.4.4624.35, WIN52xx: all versions[…]

Read more...

There is a remotely exploitable buffer overflow in a handful of software products from Schneider Electric that could allow an attacker to execute arbitrary code on vulnerable machines. The vulnerability lies in a DLL that’s installed with a Device Type Manager that is part of several Schneider products, including the Unity Pro development software, the[…]

Read more...

There is a hard-coded private SSL key present in a number of hardened, managed Ethernet switches made by GE and designed for use in industrial and transportation systems. Researchers discovered that an attacker could extract the key from the firmware remotely. The vulnerability exists in a number of GE Ethernet switches, including the GE Multilink[…]

Read more...