Category: security advisory

[ICS] LAquis SCADA Advisory published

ICS-CERT published an advisory on one of my reports recently –
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01

LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA Access Control Vulnerability

Vendor: LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME
Equipment: LAquis SCADA
Vulnerability: Improper Access Control

PostgreSQL pgAdmin4 – Insecure Library Loading Allows Code Execution

This vulnerability can allow attackers to execute arbitrary code on vulnerable installations of pgAdmin4. pgAdmin4 is a GUI application for database server administration and comes bundled with the PostgreSQL package.

User interaction is required to exploit this vulnerability: the malicious DLL file(s) must be saved in one of the DLL search paths.

Confirmed on products
pgAdmin4 v1.1: Current version packaged with PostgreSQL v9.6.1.1 (Windows x86 Current version)

[ICS] Carlo Gavazzi VMUC-EM Energy Meter – Multiple Vulnerabilities

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-012-03

CVE-IDs
CVE-2017-5144
CVE-2017-5145
CVE-2017-5146

[ICS] BINOM3 Electric Power Quality Meter – Multiple Vulnerabilities

Hacking Binom3 Electric Power Quality Meters

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A

[ICS] ELNet Energy meter & Electrical powermeter – multiple vulnerabilities

ELNet Energy meter & Electrical Powermeter vulnerabilities – another case of poor software security practices.

[ICS] Multiple vulnerabilities – Powerlogic/Schneider Electric IONXXXX series Smart Meters

Multiple security issues in Powerlogic/Schneider Electric IONXXXX series power meters

The following IONXXXX series power meter versions are affected:
ION73XX series,
ION75XX series,
ION76XX series,
ION8650 series,
ION8800 series, and
PM5XXX series.

Halliburton LogView Pro 9.7.5 – (.cgm/.tif/.tiff/.tifh) Crash PoC

Halliburton LogView Pro 9.7.5 – (.cgm/.tif/.tiff/.tifh) Denial of Service Crash exploit

https://www.exploit-db.com/exploits/40192/

mySCADAPro v7 Local Privilege Escalation

Reporting a vulnerability in mySCADAPro version 7 (current version).

Vendor: mySCADA Technologies s.r.o.
Product web page: https://www.myscada.org/
Affected application: myscadaPro
Affected version: v7 (Current version)

RS232-NET Converter (model JTC-200) – Multiple vulnerabilities

Exploiting RS232-NET Converter (model JTC-200)

Seen deployed in:
CHTD, Chunghwa Telecom Co., Ltd. (Taiwan)
HiNet (Taiwan & China)
PT Comunicacoes (Portugal)
Sony Network Taiwan Limited (Taiwan)
Vodafone Portugal (Portugal)

CIMA DocuClass Enterprise Content Management – Multiple Vulnerabilities

On a recent pentest, I came across the CIMA DocuClass Enterprise Content Management application. I found multiple security vulnerabilities which can lead to unauthorized access to stored documents, access to the underlying database, and code execution on the server via SQL Injection.

No response from vendor as expected. Read on.