By michele654 on Tuesday, 19 December 2023
Category: Vulnerabilities

New Vulnerabilities Tuesday 19 December


New Alerts for Hitachi Energy and Mozilla.

Hitachi Energy 

A vulnerability exists in the RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. If the client does not validate the parameters of the certificate, then attackers could be able to spoof the identity of the service. CVSSv3 score of 7.4
More info.

A DoS vulnerability exists in SCI IEC 60870-5-104 and HCI IEC 60870-5-104 that affects the RTU500. Specially crafted messages are not validated properly and can result in buffer overflow and as final consequence to a reboot of an RTU500 CMU. CVSSv3 score of 5.9
More info.

Mozilla 

Mozilla has updated Firefox, Firefox ESR, and Thunderbird, updates rated High.
More info.

Security Wizardry Cyber Threat Intelligence - The Radar Page

Security Wizardry Cyber Threat Intelligence - The Mobile Radar Page

SecurityWizardry.com - Vulnerability Details

Leave Comments