Your one-stop web resource providing safety and security information to manufacturers

Search Results

You searched for: Yokogawa:

Rockwell Clears EtherNet/IP Web Server Module Holes

Rockwell Automation recommends affected users of its EtherNet/IP Web Server Modules disable the SNMP service if not in use to mitigate an improper input validation vulnerability, according to a report from NCCIC. Successful exploitation of this remotel …

InduSoft Web Studio, InTouch Edge HMI Fixed

AVEVA Software, LLC (AVEVA) suggests users to upgrade to the latest release to mitigate a missing authentication for critical function and resource injection vulnerabilities in its InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edit …

IDenticard Updating PremiSys Holes

IDenticard released a software update to mitigate multiple vulnerabilities in its PremiSys access control systems, according to NCCIC. The vulnerabilities are a use of hard-coded credentials, use of hard-coded password, and an inadequate encryption str …

Schneider Fixes EVLink Parking Holes

Schneider Electric has a recommendation and an update to handle use of hard-coded credentials, code injection, and SQL injection vulnerabilities in its EVLink Parking, according to a report with NCCIC. Successful exploitation of these remotely exploita …

Yokogawa has Fix for License Manager Service

Yokogawa’s latest release should handle an unrestricted upload of files with dangerous type vulnerability in its License Manager Service, according to a report with NCCIC. Successful exploitation of this vulnerability, which Kaspersky Lab reported to Y …

Emerson Patches DeltaV Hole

Emerson has a patch to handle an authentication bypass vulnerability in its DeltaV Distributed Control System workstations, according to a report with NCCIC. Successful exploitation of this vulnerability could allow an attacker to shut down a service, …

Schneider Clears IIoT Monitor Holes

Schneider Electric has a migration plan to handle path traversal, unrestricted upload of file with dangerous type, and XXE vulnerabilities in its IIoT Monitor, according to a report with NCCIC. Successful exploitation of these remotely exploitable vuln …

Schneider Fixes Zelio Soft 2 Hole

Schneider Electric has a new version of software to fix an use after free vulnerability in its Zelio Soft 2, according to a report with NCCIC. Successful exploitation of this vulnerability could allow for remote code execution when opening a specially …

Hetronic Firmware Fix for Nova-M

Hetronic has new firmware to handle an authentication bypass by capture replay vulnerability in its Nova-M, according to a report with NCCIC. Successful exploitation of this vulnerability, discovered by Jonathan Andersson, Philippe Z Lin, Akira Urano, …

Yokogawa Update Fixes Driver Vulnerability

Yokogawa has an update to handle a resource management error vulnerability in its Vnet/IP Open Communication Driver, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability, which JPCERT coordinated with Yok …

GSX: Integrate All Security

By Gregory Hale Disagreements often arise over the manufacturing IT-OT security discussion, but in a world where digital transformation continues to evolve, the idea of IT security or OT security converging may turn into all forms of security integrati …

Yokogawa: Digital Future; Security Backbone

By Gregory Hale Like any of the major automation suppliers, Yokogawa is moving toward a stronger digital footprint. That became abundantly clear at last week’s 2018 Yokogawa Users Conference in Orlando, FL. But one of the things they didn’t really focu …

Secureworks Unveils Security Maturity Model

Secureworks launched its Secureworks Security Maturity Model. The release is in response to “research which shows more than 37 percent of U.S. organizations face security risks that exceed their overall security maturity. RELATED STORIES Forcepoint Lau …

Trend Micro, HITRUST Launch Risk Mgt Firm

Cybersecurity solutions provider Trend Micro teamed with the non-profit HITRUST to launch a new company that offers cyber risk management services. The new company, named Cysiv, will provide risk management services to select enterprises in the United …

Forcepoint Launches ICS Unit

Cybersecurity provider, Forcepoint unveiled a new business unit to focus on critical infrastructure providers. The Forcepoint Critical Infrastructure business will leverage the capability of the company’s Global Governments and Enterprise Security busi …

Indegy, OISF Partner on Threat Awareness

Network monitoring provider, Indegy, is partnering with the Open Information Security Foundation (OISF), the nonprofit organization that owns and manages Suricata, a network threat detection engine. The integration will combine Indegy’s patent-pending …

Schneider Fills PowerLogic Hole

Schneider Electric released a fix to take care of a cross-site scripting vulnerability in its PowerLogic PM5560, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability could allow user input to be manipulat …

ABB Fix Coming for eSOMS

ABB will release a new version next month to fix an improper authentication issue in its eSOMS product, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerability, which ABB self-reported, requires an attacker …

BD Mitigates Hole in Alaris Plus

Becton, Dickinson and Company (BD) has mitigations in place to handle an improper authentication in its Alaris GS, Alaris GH, Alaris CC, and Alaris TIVA, according to a report with NCCIC. Successful exploitation of this remotely exploitable vulnerabili …

Mitigations for Philips’ Monitoring System

Philips has mitigations to handle a resource exhaustion vulnerability in its IntelliVue Information Center iX, according to a report with NCCIC. Successful exploitation of this vulnerability, which a user reported to Philips and then to NCCIC, may resu …

Pin It on Pinterest