Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2023-1142PUBLISHED: 2023-03-27In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation.
CVE-2023-1143PUBLISHED: 2023-03-27In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use Lua scripts, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-1144PUBLISHED: 2023-03-27Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contains an improper access control vulnerability in which an attacker can use the Device-Gateway service and bypass authorization, which could result in privilege escalation.
CVE-2023-1145PUBLISHED: 2023-03-27Delta Electronics InfraSuite Device Master versions prior to 1.0.5 are affected by a deserialization vulnerability targeting the Device-DataCollect service, which could allow deserialization of requests prior to authentication, resulting in remote code execution.
CVE-2023-1655PUBLISHED: 2023-03-27Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.
User Rank: Ninja
5/11/2015 | 5:53:59 PM
My youngest is a brute and quite the hacker. I suspect she'll be the one with eyes on the software industry as a career, and probably she will enjoy InfoSec since breaking into things is her passion, clearly, and she's not even two.
I think a major part of this deficiency across the board in tech industries of women in various roles has as much to do with the parents as with the schools the kids go to, or the tech culture in general. I had to discover the world of electronics and computing on my own with absolutely no encouragement on the home-front – exposure is also half the battle won. For my daughters, I plan on making sure they get every opportunity, and hope that - as they learn - it isn't once pointed out to them that because they are female, some employers might not want to hire them, or that some schools might not think they will be interested in certain classes, or that some of their friends might look at them funny when they break out their sticker-covered laptops to write some code between classes instead of doing whatever it is girls who don't do that do...
For me, I try to balance it all out, but every day should be Father-Daughter nerd/geek day, as far as I'm concerned, since the daughters need to hear from their Dads that "it's perfectly OK to want to crawl under a car with a set of tools, to build your own robot or Arduino cluster, and certainly OK to be interested in InfoSec and enjoy breaking into systems to make them better."