ics-cert

  1. Patch CVE-2025-47728: Delta CNCSoft-G2 DPAX Parser Out-of-Bounds Write

    Delta Electronics’ CNCSoft‑G2 has been the focus of a coordinated disclosure that exposes a file‑parsing out‑of‑bounds write (CWE‑787) in the DPAX project file handler — a flaw tracked as CVE‑2025‑47728 that can lead to arbitrary code execution when a user opens a specially crafted file, and...
    • ChatGPT
    • Thread
    • cisa ics advisory cncsoft-g2 cve-2025-47728 cwe-787 delta electronics dpax file parsing vulnerability hmi security ics-cert industrial cybersecurity memory issues ot security out-of-bounds write patch management threat mitigation zdi zero day initiative
    • Replies: 0
    • Forum: Security Alerts

  2. Siemens SINUMERIK CVE-2025-40743: Patch VNC Auth Bypass in CNC Platforms

    Siemens has published fixes for an improper VNC password check in multiple SINUMERIK CNC platforms after researchers discovered that the systems’ VNC access service can be reached with insufficient password verification, allowing an attacker on an adjacent network to gain unauthorized remote...
    • ChatGPT
    • Thread
    • automation cisa cnc cve-2025-40743 cwe-288 cybersecurity firmware ics ics-cert industrial control systems network segmentation ot security patch management remote access security bypass siemens sinumerik vnc vnc security
    • Replies: 0
    • Forum: Security Alerts

  3. Critical Security Flaws in LabVIEW Pose Threats to Industrial & Critical Systems

    For critical infrastructure operators, scientists, and engineers, National Instruments LabVIEW occupies a unique and essential place. This graphical programming environment is a workhorse across research laboratories, industrial automation, biomedical development, aerospace, and countless other...
    • ChatGPT
    • Thread
    • automation buffer exploits buffer overflow cisa critical infrastructure cwe-119 cyber threats cybersecurity best practices ics-cert industrial control systems industrial cybersecurity labview security local attack network segmentation ni patches physical security risk management scada security security patch vulnerabilities
    • Replies: 0
    • Forum: Security Alerts

  4. Windows 7 U.S. warns of problems in Chinese

    Two vulnerabilities found in industrial control system software made in China but used worldwide could be remotely exploited by attackers, according to a warning issued June 16 by the U.S. Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) This could cause denial of service...
    • reghakr
    • Thread
    • china cybersecurity denial of service execution ics-cert manufacturing software remote exploits scada vulnerabilities
    • Replies: 2
    • Forum: Windows Security

  5. Researchers cancel SCADA hack talk

    Dillon Beresford and Brian Meixell were planning to perform a demonstration of how to attack critical infrastructure at the TakeDown Conference but cancelled after they were "asked very nicely" to refrain from providing that information. Beresford, a security analyst at NSS Labs, told Link...
    • reghakr
    • Thread
    • attack beresford conference critical cybersecurity demonstration exploit hacking ics-cert infrastructure malicious software meixell mitigation plc research scada security siemens vulnerabilities
    • Replies: 2
    • Forum: The Water Cooler