CyberSecurityBoard
Sponsor Register Login

Ethercat Zeek Plugin

RISK EVALUATION. Successful exploitation of these vulnerabilities could allow remote code execution.
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets.
CVE-2023-7244 has been assigned to this vulnerability.
A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is.
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams.
CVE-2023-7243 has been assigned to this vulnerability.
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet.
CVE-2023-7242 has been assigned to this vulnerability.
A CVSS v3.1 base score of 8.2 has been calculated; the CVSS vector string is.
To help reduce successful exploitation, users are encouraged to keep critical software updates and patches up to date in their system networks.
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks, recognizing VPNs may have vulnerabilities and should be updated to the most current version available.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.
Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.


This Cyber News was published on www.cisa.gov. Publication date: Tue, 20 Feb 2024 17:13:07 +0000


Cyber News related to Ethercat Zeek Plugin

Ethercat Zeek Plugin - RISK EVALUATION. Successful exploitation of these vulnerabilities could allow remote code execution. Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their ...
9 months ago Cisa.gov
CVE-2023-7242 - ...
8 months ago
CVE-2023-7243 - ...
8 months ago
CVE-2023-7244 - Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat ...
8 months ago
CVE-2012-4293 - plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of ...
6 years ago
CVE-2021-41732 - ** DISPUTED ** An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended. ...
2 years ago
Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids - Progress quietly fixes MOVEit auth bypass flawsProgress Software has patched one critical and one high-risk vulnerability in MOVEit, its widely used managed file transfer software product. Open-source Rafel RAT steals info, locks Android devices, ...
4 months ago Helpnetsecurity.com
CVE-2021-24752 - Multiple Plugins from the CatchThemes vendor do not perform capability and CSRF checks in the ctp_switch AJAX action, which could allow any authenticated users, such as Subscriber to change the Essential Widgets WordPress plugin before 1.9, To Top ...
2 years ago
$937 Bounty Awarded for Privilege Escalation and Local File Inclusion Vulnerabilities Patched in MasterStudy LMS WordPress Plugin - On February 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a Privilege Escalation vulnerability in MasterStudy LMS, a WordPress plugin with more than 10,000 active installations. The next day on February 26th, ...
7 months ago Wordfence.com
Type Juggling Leads to Two Vulnerabilities in POST SMTP Mailer WordPress Plugin - On December 14th, 2023, during our Bug Bounty Program Holiday Bug Extravaganza, we received a submission for an Authorization Bypass vulnerability in POST SMTP Mailer, a WordPress plugin with over 300,000+ active installations. This vulnerability ...
10 months ago Wordfence.com
Developer Accounts Compromised Due to Credential Reuse in WordPress.org Supply Chain Attack - On June 24th, 2024, the Wordfence Threat Intelligence Team became aware of a WordPress plugin, Social Warfare, that was infected with malware through the WordPress repository. We immediately notified the WordPress Plugin's Team and they removed the ...
4 months ago Wordfence.com
CVE-2024-32003 - wn-dusk-plugin (Dusk plugin) is a plugin which integrates Laravel Dusk browser testing into Winter CMS. The Dusk plugin provides some special routes as part of its testing framework to allow a browser environment (such as headless Chrome) to act as a ...
7 months ago Tenable.com
CVE-2022-4888 - The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration ...
1 month ago
Too Much Escaping Backfires, Allows Shortcode-Based XSS Vulnerability in Contact Form Entries WordPress Plugin - On February 24th, 2024, during our second Bug Bounty Extravaganza, we received a submission for a stored Cross-Site Scripting vulnerability in Contact Form Entries, a WordPress plugin with more than 60,000+ active installations. The vulnerability ...
8 months ago Wordfence.com
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 23, 2024 to September 29, 2024) - Software Name Software Slug 012 Ps Multi Languages 012-ps-multi-languages ABC APP CREATOR abcapp-creator Absolute Reviews absolute-reviews Accordion accordions Ads by WPQuads – Adsense Ads, Banner Ads, Popup Ads quick-adsense-reloaded Advanced File ...
1 month ago Wordfence.com
CVE-2020-12494 - Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functionality, all other Ethernet frames sent through the ...
2 years ago
CVE-2020-36666 - The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress plugin before 1.0.9, real-estate-pro WordPress ...
1 year ago
CVE-2023-2362 - The Float menu WordPress plugin before 5.0.2, Bubble Menu WordPress plugin before 3.0.4, Button Generator WordPress plugin before 2.3.5, Calculator Builder WordPress plugin before 1.5.1, Counter Box WordPress plugin before 1.2.2, Floating Button ...
1 year ago
CVE-2023-49839 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KlbTheme Cosmetsy theme (core plugin), KlbTheme Partdo theme (core plugin), KlbTheme Bacola theme (core plugin), KlbTheme Medibazar theme ...
7 months ago
CVE-2019-12175 - In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled. ...
5 years ago
CVE-2021-24219 - The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before ...
2 years ago
WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks - The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database. WP Fastest Cache is a caching plugin used to speed up page loads, improve ...
11 months ago Bleepingcomputer.com
CVE-2023-45133 - Babel is a compiler for writingJavaScript. In `@babel/traverse` prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of `babel-traverse`, using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code ...
1 year ago
Critical Unauthenticated Remote Code Execution Found in Backup Migration Plugin - Wordfence just launched its bug bounty program. On December 5th, 2023, shortly after the launch of our Holiday Bug Extravaganza, we received a submission for a PHP Code Injection vulnerability in Backup Migration, a WordPress plugin with over 90,000+ ...
11 months ago Wordfence.com
30,000 WordPress Sites affected by Arbitrary SQL Execution Vulnerability Patched in Visualizer WordPress Plugin - On April 10th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an authenticated SQL Execution vulnerability in Visualizer, a WordPress plugin with more than 30,000 active installations. Props to Krzysztof Zając who ...
6 months ago Wordfence.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)