Critical root gap threatens industrial control system WebHMI

Share your love

Due to two as “critical“Classified security gaps in WebHMI could give attackers access to the control of industrial plants. The software manufacturer Distributed Data Systems has released a version prepared against it.

As indicated in a warning from the Cybersecurity & Infrastructure Security Agency (CISA), attackers could log in as admin without a password and execute malicious code with root rights. It doesn’t get any worse and if such attacks are successful, systems are usually considered to have been completely compromised.

It is currently not known what the attacks could look like in detail and whether the attackers are already exploiting the vulnerabilities (CVE-2021-43932, CVE-2021-43936). The developers state the security issues in the Version 4.1 to have got rid of the world. All previous editions are said to be vulnerable.


Article Source

Read Also   This is the hidden meaning of WhatsApp hearts
Share your love