Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-43762PUBLISHED: 2023-02-08Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages
CVE-2022-43763PUBLISHED: 2023-02-08Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions < R 4.2-07.
CVE-2022-43764PUBLISHED: 2023-02-08Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code.
CVE-2022-43765PUBLISHED: 2023-02-08B&R APROL versions < R 4.2-07 doesn’t process correctly specially formatted data packages sent to port 55502/tcp, which may allow a network based attacker to cause an application Denial-of-Service.
CVE-2022-2094PUBLISHED: 2023-02-08The Yellow Yard Searchbar WordPress plugin before 2.8.2 does not escape some URL parameters before outputting them back to the user, leading to Reflected Cross-Site Scripting
User Rank: Apprentice
6/22/2020 | 12:54:07 PM
Driving cultrual change requires trainig - this includes with no doubt Cyber defense trainig to people and teams that ahd nothin to do with this is the past
Operational aspects that were not heard of or pushed aside for years happened within days . Hopefully the same openess and flexibility mode happens with the right cyber defense plan . From my perosnal experice I see that some do and some dont. It will be intersting to see waht industires will catch up faster than others