An Apple developer left one of the strangest Easter eggs hidden in the macOS, offering a surprising and baffling connection between the Cupertino tech company’s mainline operating system to everybody’s (least) favorite cryptographic digital currency.
Despite the millions of people who read Hugh Howey’s best-selling, dystopian Silo novels, the upcoming Apple TV+ series adaptation feels like it’s flying under the radar—although maybe that’s appropriate for a story about the last vestige of humanity stuck underground so long they can’t remember why. But maybe this…
Samsung employees are in hot water after they reportedly leaked sensitive confidential company information to OpenAI’s ChatGPT on at least three separate occasions. The leaks highlight both the widespread popularity of the popular new AI chatbot for professionals and the often-overlooked ability of OpenAI to suck up…
Most attacks now follow the same path: criminals breach an organization’s
security and steal whatever they can, then deploy some form of ransomware. The
stolen documents are then used to extort money from the organization.
As it turns out, the Montgomery General Hospital incident highlighted the
importance of some measures against such attacks, even when cri
Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the underlying operating system of the device or cause a denial-of-service condition.
The following versions of Korenix Jetwave, are affected:
3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND (‘COMMAND INJECTION’) CWE-77
Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to command injection. An attacker could modify the file_name parameter to execute commands as root.
CVE-2023-23294 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.2 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND (‘COMMAND INJECTION’) CWE-77
Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to command injection via /goform/formSysCmd. An attacker could modify the sysCmd parameter to execute commands as root.
CVE-2023-23295 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.3 UNCONTROLLED RESOURCE CONSUMPTION CWE-400
Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to a possible denial-of-service condition via /goform/formDefault. When logged in, a user could issue a POST request so that the underlying binary exits. The web-service then becomes unavailable and cannot be accessed until a user reboots the device.
CVE-2023-23296 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
Thomas Weber of CyberDanube reported these vulnerabilities to Korenix.
Korenix recommends all users update their JetWave products to the latest firmware:
According to Korenix, users should visit Korenix and navigate to the appropriate Korenix JetWave product page, found in the “Wireless” section on the site, and download the latest firmware.
For more information, see Korenix’s Security Advisory.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploits specifically target these vulnerabilities.
Successful exploitation of this vulnerability could allow an authenticated attacker to overwrite, delete, or create files.
The following versions of Industrial Control Links ScadaFlex II SCADA Controllers are affected:
3.2.1 EXTERNAL CONTROL OF FILE NAME OR PATH CWE-73
On ICL ScadaFlex II SCADA Controller SC-1 and SC-2 devices, unauthenticated remote attackers can overwrite, delete, or create files. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability.
CVE-2022-25359 has been assigned to this vulnerability. A CVSS v3 base score of 9.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H).
CISA discovered a public proof-of-concept (PoC) as authored by Gjoko Krstic of Zero Science Lab.
Industrial Control Links has relayed that they are closing their business. This product may be considered end-of-life; continued supported for this product may be unavailable.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Successful exploitation of these vulnerabilities could allow an authenticated user to inject arbitrary operating system commands.
The following versions of myPRO HMI/SCADA systems are affected:
3.2.1 OS COMMAND INJECTION CWE-78
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
CVE-2023-28400 has been assigned to this vulnerability. A CVSS v3 base score of 9.9 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
3.2.2 OS COMMAND INJECTION CWE-78
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
CVE-2023-28716 has been assigned to this vulnerability. A CVSS v3 base score of 9.9 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
3.2.3 OS COMMAND INJECTION CWE-78
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
CVE-2023-28384 has been assigned to this vulnerability. A CVSS v3 base score of 9.9 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
3.2.4 OS COMMAND INJECTION CWE-78
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
CVE-2023-29169 has been assigned to this vulnerability. A CVSS v3 base score of 9.9 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
3.2.5 OS COMMAND INJECTION CWE-78
mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands.
CVE-2023-29150 has been assigned to this vulnerability. A CVSS v3 base score of 9.9 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
Michael Heinzl publicly disclosed these vulnerabilities on the internet.
mySCADA recommends users upgrade to version 8.29.0 or higher. For more information, contact mySCADA technical support. mySCADA will also send security advice by email to all registered users.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Known public exploits specifically target these vulnerabilities. These vulnerabilities are exploitable remotely. These vulnerabilities have low attack complexity.
Successful exploitation of these vulnerabilities could allow an attacker to disclose information or execute arbitrary code.
The following versions of JTEKT ELECTRONICS Kostac PLC Programming Software are affected:
3.2.1 OUT-OF-BOUNDS READ CWE-125
When a specially crafted project file is opened, out-of-bounds read occurs when processing a comment block in stage information because the end of data cannot be verified.
CVE-2023-22419 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.2 OUT-OF-BOUNDS READ CWE-125
When a specially crafted project file is opened, out-of-bounds read occurs because buffer size used by the PLC program instructions is insufficient.
CVE-2023-22421 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.3 USE AFTER FREE CWE-416
When the maximum number of columns to place the PLC program is out of specification by opening a specially crafted project file, a process accesses memory that has already been freed.
CVE-2023-22424 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
Michael Heinzl reported these vulnerabilities to JPCERT/CC.
JTEKT ELECTRONICS recommends users to download the following updates:
This version not only addresses the vulnerability, but also takes measures to prevent crafted project files from being opened. Project files saved with Version 1.6.9.0 or earlier can be re-saved with Version 1.6.10.0 or above to enable this tamper-proof feature. Project files saved with Version 1.6.10.0 or above cannot be opened with Version 1.6.9.0 or earlier.
For more information, see JTEKT ELECTRONICS’ Update Notice.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
CISA released seven Industrial Control Systems (ICS) advisories on April 6, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.
