CISA has published an advisory on a classic buffer overflow vulnerability in Siemens LOGO! Web Server. Numerous versions are affected. Successful exploitation of this vulnerability could allow remote code execution. Should the attacker gain access to the session cookies, they could then hijack the session and perform arbitrary actions in the name of the victim. Siemens recommends users apply upgrades. It has also identified specific workarounds and mitigations customers can apply to reduce the risk. CISA also recommends a series of measures to mitigate the vulnerability. Access the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!