[EN] Authenticated Command Injection in Intelbras WiFiber 120AC inMesh

Title: Authenticated Command Injection Product: Intelbras WiFiber 120AC inMesh Vulnerable version: 1.1-220216 Fixed version: 1-1-220826 CVE: CVE-2022-40005 Impact: High Homepage: https://www.intelbras.com Found: 2022-08-01 The Intelbras WiFiber 120AC inMesh is prone to an authenticated command injection vulnerability. This vulnerability can be used to execute arbitrary commands on the device. "We are Intelbras. A company that for 45 years has been offering innovative solutions in security, networks, communication and energy. Our dream began to come to life there in 1976, in the city of São José, having originated from an...

Oktober 9, 2022AdvisoryRead more...

[2 … 3] Conference – ITSecX “Faking at Level 1 – How Digital Twins Save Your PLCs”

2 out of 3 confirmed conference talks for 2022 - this time at ITSecX. On the 7th of October the well known cyber security conference in Austria took place - IT-Security Community Exchange (IT-SECX) at the St. Pölten University of Applied Sciences ! This years main topic was themed "Cyber Defense" with the keynote "The Law, Policy and Diplomacy of Critical Infrastructure Protection". Since the topics "Critical Infrastructure Protection" go hand in hand with OT and furthermore with the use...

Oktober 7, 2022ConferenceRead more...

HITB2022 Singapore conference impressions and post-review

Conference 1 of 3 for this year... Starting with the first international one in Singapore - here are a few post-thoughts and insights to share. By the way - if you missed the topic by itself - link to the program: conference.hitb.org/faking-at-level-1-how-digital-twins-save-your-plcs/ the conference started with an thrilling keynote about thousands of insecure things and xIoT; went on with talks about fuzzing of MCUs, kernel module exploitation and API security; having a lunch break with a great meetup in the main area...

August 27, 2022ConferenceRead more...

[1 ... 3] Conference - HITB2022 Singapore "Faking at Level 1 – How Digital Twins Save Your PLCs"

1 out of 3 confirmed, upcoming conference talks for 2022 - guess where - in Singapore Hack In The Box (HITB). On our list the topic of digital twins and how they are going to secure the OT environment. We are looking forward to OT, embedded and industry security on 25th of August. Every year, numerous big and small incidents in industrial environments, like power plants, factories, or food supply find their way into newspapers. All those affected industries are...

August 25, 2022ConferenceRead more...

Author - CyberDanube