Multiple SCADA Vulnerabilities Let Attackers Trigger DoS & Elevate Privileges

Researchers from Palo Alto Networks' Unit 42 recently uncovered multiple critical vulnerabilities in ICONICS SCADA systems, which are widely deployed across government, military, manufacturing, and utility sectors. The security flaws, discovered in ICONICS Suite versions 10.97.2 and 10.97.3 for Windows platforms, could enable attackers to escalate privileges, trigger denial-of-service conditions, and potentially achieve full system compromise if left unpatched.

The vulnerabilities affect the ICONICS Genesis64 suite, which establishes connectivity with operational technology (OT) device protocols including BACnet and Modbus, while facilitating communication with OPC servers.

When users install the GenBroker32 utility, it triggers permission changes in critical directories containing key binaries and configuration files for the ICONICS Suite. The researchers showed how the installation modifies the access control list for C:\ProgramData\ICONICS so that every logged-in user on the system is granted full access rights to critical configuration files, potentially allowing attackers to hijack system components.

When a user initiates an ANSI modem, it starts the Memory Master configuration tool (MMCfg.exe). During execution, this tool attempts to load a file named REVERB1.dll without proper path specification. If the DLL isn't found in system directories, the application searches the current working directory, allowing attackers to place a malicious DLL there and achieve arbitrary code execution with elevated privileges.
Palo Alto Networks customers are protected through various security products including Industrial OT Security, Cortex XDR, XSIAM, and Cortex Xpanse.
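
To check a host for the over-permissive ACL on C:\ProgramData\ICONICS described above, the following PowerShell audit lists write-capable entries held by broad groups. It is an added example, not code from ICONICS or Unit 42; the function name, the choice of "broad" SIDs, and the rights mask are assumptions to adapt to site policy.

```powershell
# Added example (not vendor or Unit 42 code): report Allow ACEs that give
# broad, non-administrative groups write-capable rights under the directory.
function Test-BroadWriteAccess {
    param(
        [string]$Path = 'C:\ProgramData\ICONICS',   # path named in the article
        [switch]$Recurse
    )
    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "$Path not found; nothing to audit."
        return
    }
    # Well-known SIDs for broad groups (assumption: extend per site policy).
    $broadSids = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-4'      = 'INTERACTIVE'
        'S-1-5-32-545' = 'BUILTIN\Users'
    }
    # Rights that allow altering or replacing files or their permissions,
    # plus the raw GENERIC_ALL / GENERIC_WRITE bits seen on inherit-only ACEs.
    $named = [System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'
    $mask  = [int]$named -bor 0x10000000 -bor 0x40000000

    $items = @(Get-Item -LiteralPath $Path -Force)
    if ($Recurse) {
        $items += Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue
    }
    foreach ($item in $items) {
        $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction SilentlyContinue
        if (-not $acl) { continue }   # unreadable ACL: skip rather than abort
        # Request SIDs so the check does not depend on the OS display language.
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -eq 'Allow' -and $broadSids.ContainsKey($sid) -and
                ([int]$rule.FileSystemRights -band $mask)) {
                [pscustomobject]@{
                    Path      = $item.FullName
                    Principal = $broadSids[$sid]
                    Rights    = $rule.FileSystemRights
                    Inherited = $rule.IsInherited
                }
            }
        }
    }
}

Test-BroadWriteAccess -Recurse | Format-Table -AutoSize
```

Any row returned means a non-administrative group can modify files in that location; an empty result means no such entries were found for the listed SIDs.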

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 11 Mar 2025 15:40:11 +0000

