all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-1029: (Pwn2Own) Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability

Add to bookmarks
Aug. 4, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to write arbitrary files on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.

arbitrary file write attackers authentication data event exploit file files gateway log logs pwn2own scada vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-427: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +17
ZDI-24-426: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +19
ZDI-24-425: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-424: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-423: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-422: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-421: SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
attackers authentication authentication bypass bypass +14
ZDI-24-420: SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability 1 day, 2 hours ago | www.zerodayinitiative.com
attackers authentication can cve +19
ZDI-24-419: (Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability 1 week ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information Security Problem Manager

@ Deutsche Bank | Bucharest
View on infosec-jobs.com

Information System Security Officer

@ Booz Allen Hamilton | USA, VA, Chantilly (15009 Conference Ctr Dr)
View on infosec-jobs.com

Senior Account Executive - Cybersecurity

@ OpenText | Virtual, CA
View on infosec-jobs.com

Grants Compliance Senior Specialist

@ Plan International | Bamako, Mali
View on infosec-jobs.com

Sr. Cybersecurity Engineer- Tenable

@ phia, LLC | Arlington, VA
View on infosec-jobs.com

Portfolio Manager- Enterprise Information Security Auditing

@ American Chemical Society | Columbus, OH, US, 43202
View on infosec-jobs.com
View more jobs