eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Server stats:

213
active users

#OT

0 posts0 participants0 posts today

#OT #Advisory #Update VDE-2023-046
WAGO: Multiple products vulnerable to local file inclusion

An attacker with administrative privileges which can access sensitive files can additionally access them in an unintended, undocumented way.
UPDATE 07.05.2025: The fixed versions have been updated, because the previously mentioned versions are still vulnerable to this issue. More details have been added to the hardware devices. More affected version numbers were added to the firmwares.
#CVE CVE-2023-4089

certvde.com/en/advisories/VDE-

#CSAF wago.csaf-tp.certvde.com/.well

certvde.comVDE-2023-046 | CERT@VDEAdvisories

🚀 Wir sind auf der #HM25! Besuchen Sie uns z. B. im 𝗜𝗻𝗱𝘂𝘀𝘁𝗿𝗶𝗮𝗹 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗖𝗶𝗿𝗰𝘂𝘀 𝗶𝗻 𝗛𝗮𝗹𝗹𝗲 𝟭𝟲, 𝗦𝘁𝗮𝗻𝗱 𝗔𝟭𝟮 (𝟵) und erfahren Sie, wie Sie die Sicherheit und Robustheit Ihrer vernetzten Industrieanlagen testen und verbessern können. Außerdem demonstrieren wir Ihnen in unserem #Lernlabor #Cybersicherheit für die Energie- und Wasserversorgung, wie Cyberattacken wirken und wie Sie sich dagegen schützen können. 🔒

Mehr Infos: www.iosb.fraunhofer.de/hm25

#Moxa warns of two flaws in its #routers and security #appliances that enable privilege escalation and remote command execution.

"Moxa addressed privilege escalation and OS command injection #vulnerabilities in cellular routers, secure routers, and network security appliances."

CVE-2024-9138 (CVSS 4.0 score: 8.6)
CVE-2024-9140 (CVSS 4.0 score: 9.3)

#KRITIS #OT #RCE
securityaffairs.com/172770/ics

Security Affairs · Moxa router flaws pose serious risks to industrial environmetsMoxa warns of two flaws in its routers and security appliances that enable privilege escalation and remote command execution.

📌 Claroty is growing and looking to hire a Partner Services Offering Architect who embodies our core values: People First, Customer Obsession, Strive for Excellence, and Integrity. This individual will manage the technical implementation and execution of our partner-focused services program and drive long-term customer value. More info and apply here: claroty.com/open-positions/05.

Ahoy infosec.exchange!

After I've been lurking around here for quite a while, I think it's time for an #introduction.

My current Mastodon mode of operation is to randomly stick my head into this collaborative stream of consciousness from time to time, observe whatever floats by quietly and most likely leave without any interaction.

In general, I seek to understand the reality we live in and try to figure out how to improve it. This involves far too many details and unfortunately I tend to engage in all kinds of side quests instead of working on what matters the most.

I've not decided yet how much and what parts of myself I want to disclose around here. So, expect some more lurking. If I post something, it will probably revolve around #automation, #communication, #cybersecurity, #education, #it, #networks, #ot, #privacy or #python.