Computer Software for Automation and Control by ARC Informatique

This updated advisory is a follow-up to the original advisory titled ICSA-22-354-03 ARC Informatique PcVue that was published December 20, 2022. It is possible for an unauthorized user to access the email account, SIM card, and other data sources associated with the affected device due to a cleartext storage of sensitive information vulnerability existing in PcVue versions 8.10 through 15.2.3. This could allow the user to discover the associated simple mail transfer protocol account credentials and the SIM card PIN code. Additionally, an insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2, which could allow a user with access to the log files to discover connection strings of data sources configured for the DbConnect, which could include credentials. ARC Informatique reported these vulnerabilities to CISA and has released a fix for CVE-2022-4312 for PcVue 12 in Version 12.0.28. CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as minimizing network exposure for all control system devices and/or systems, and ensuring they are not accessible from the Internet. CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. No known public exploits specifically target these vulnerabilities.

This Cyber News was published on us-cert.cisa.gov. Publication date: Thu, 09 Feb 2023 17:49:02 +0000


Cyber News related to Computer Software for Automation and Control by ARC Informatique

Arc browser launches bug bounty program after fixing RCE bug - This development comes in response to a critical remote code execution flaw, tracked as CVE-2024-45489, that could have enabled threat actors to launch mass-scale attacks against users of the program. The Browser Company says new coding guidelines ...
2 months ago Bleepingcomputer.com
Should You Shut Down Your Computer Every Night? - Although PCs benefit from an occasional reboot, it's not necessary to turn off your computer every night. The decision to let your computer sleep vs. shut down depends on considerations such as the device's age, your usage habits, and whether you ...
10 months ago Pandasecurity.com
Home Automation for All: Enabling Independence - As technology advances, home automation provides a sense of empowerment for elderly and disabled individuals. Home automation for the elderly and disabled reduces dependence on others and promotes independence in the home environment. Home automation ...
11 months ago Securityzap.com
Energy-Efficient Home Automation: Saving the Planet and Your Wallet - Home automation solutions offer an array of benefits, from improved convenience to decreased energy bills. This article will explore the types of home automation systems available, as well as their cost and potential for energy efficiency. The ...
11 months ago Securityzap.com
Computer Software for Automation and Control by ARC Informatique - This updated advisory is a follow-up to the original advisory titled ICSA-22-354-03 ARC Informatique PcVue that was published December 20, 2022. It is possible for an unauthorized user to access the email account, SIM card, and other data sources ...
1 year ago Us-cert.cisa.gov
What Is Software Piracy? - Software piracy has become a worldwide issue, with China, the United States and India being the top three offenders. In 2022, 6.2% of people worldwide visited software piracy websites. Software piracy doesn't require a hacker or skilled coder. Any ...
11 months ago Pandasecurity.com
How to Get Started With Security Automation: Consider the Top Use Cases Within Your Industry - As the cybersecurity industry has matured, so has the approach security teams take to making decisions about investing in security tools. Instead of focusing on the latest product or technology, security professionals are focused on use cases such as ...
10 months ago Securityweek.com
AI and Automation - In recent years, developments in artificial intelligence and automation technology have drastically reshaped application security. On one hand, the progress in AI and automation has strengthened security mechanisms, reduced reaction times, and ...
11 months ago Feeds.dzone.com
Best practices for secure network automation workflows - Automation plays a critical role in modern networks. It helps network engineers manage networks with fewer repetitive manual tasks for greater agility. Network engineers cannot automate - or secure - what they don't understand. Understanding network ...
11 months ago Techtarget.com
Arc Browser Announces Bug Bounty Program Following RCE Vulnerability - The Arc Browser Company has introduced the Arc Bug Bounty Program to recognize the critical role of the security research community. Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and ...
2 months ago Cybersecuritynews.com
Arc browser's Windows launch targeted by Google ads malvertising - A new Google Ads malvertising campaign, coinciding with the launch of the Arc web browser for Windows, was tricking people into downloading trojanized installers that infect them with malware payloads. The Arc browser is a new web browser featuring ...
6 months ago Bleepingcomputer.com
Why RV Connex Chose Swimlane As "The Powerhouse" Of Their SOC - RV Connex is a Thailand-based company that specializes in national defense and space manufacturing. Since RV Connex has implemented security automation they have achieved significant progress. Tanajak Watanakij, Vice President of Cybersecurity and ...
11 months ago Securityboulevard.com
The dawn of the autonomous enterprise is on the horizon - 90% of IT decision-makers plan to deploy more automation, including AI, in the next 12 months, according to Digitate. 26% of respondents plan to implement machine-operated tasks that require limited human input or fully transition to autonomous ...
11 months ago Helpnetsecurity.com
Achieving Continuous Compliance - If you've ever explored regulatory compliance and cybersecurity, you'll understand the importance of continuous compliance in the digital age, where evolving technology and regulations require constant vigilance. This article will cover the ...
11 months ago Feeds.dzone.com
DevSecOps: Definition, Benefits and Best Practices - DevSecOps is an approach that focuses on the alignment of the three core pillars of DevOps — Development, Operations, and Security. It’s a combination of processes, tools and practices designed to enable organizations to adopt innovative and ...
1 year ago Heimdalsecurity.com
The Crucial Need for a Secure Software Development Lifecycle in Today's Digital Landscape - In today's increasingly digital world, software is the backbone of business operations, from customer-facing applications to internal processes. The rapid growth of software development has also made organizations more vulnerable to security threats. ...
10 months ago Cyberdefensemagazine.com
Understanding SBOMs - In recent years, the adoption of open-source software in development has surged, now comprising up to 90% of what's built. There is a crucial aspect to consider when integrating open-source software components. To make sure their software is safe, ...
11 months ago Securityboulevard.com
Harnessing Computer Vision for retail with AI - In the rapidly evolving retail sector, businesses are continually seeking innovative ways to gain a competitive edge, increase efficiency, and enhance the customer experience. One technology that's making a significant impact is computer vision, ...
10 months ago Feedpress.me
The Role of DevOps in Enhancing the Software Development Life Cycle - Software development is a complex and dynamic field requiring constant input, iteration, and collaboration. DevOps is more than just a methodology; it combines practices seamlessly integrating software development and IT operations for streamlining ...
10 months ago Feeds.dzone.com
Leveraging Automation for Risk Compliance in IT - Organizations often encounter the challenge of managing complex technology ecosystems while ensuring data security, compliance, and risk management. One crucial aspect of this challenge is risk compliance in IT environments, specifically Linux ...
1 year ago Securityboulevard.com
Wait, infosec isn't a computer science degree requirement? The Register - Comment There's a line in the latest plea from CISA - the US government's cybersecurity agency - to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA senior technical advisor, ...
10 months ago Go.theregister.com
Wait, infosec isn't a computer science degree requirement? The Register - Comment There's a line in the latest plea from CISA - the US government's cybersecurity agency - to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA senior technical advisor, ...
10 months ago Theregister.com
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation - Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three ...
1 year ago Thehackernews.com
Essential Features of Cybersecurity Management Software for MSPs - Protect your clients' businesses from cyber threats with Cybersecurity Management Software. A vital tool that aids MSPs in enhancing their cybersecurity practices is Cybersecurity Management Software. In this article, we will delve into the features ...
6 months ago Hackread.com
Drata unveils Adaptive Automation for streamlined compliance - Drata has unveiled a new offering, Adaptive Automation. Augmenting the scope of continuous control monitoring and evidence collection, Adaptive Automation empowers GRC professionals to save time and automate even more of their compliance program ...
8 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)