Monthly
WebCTRL Premium Server contains a port binding vulnerability that allows an attacker with local access to bind to the same network port used by the WebCTRL service. This enables the attacker to send malicious packets and impersonate the legitimate WebCTRL service without injecting code into the application, potentially compromising confidentiality and integrity of building automation system communications. The vulnerability affects Automated Logic's WebCTRL Premium Server and has been disclosed by ICS-CERT, though no KEV listing or public POC is currently documented.
Tanium addressed a denial of service vulnerability in Tanium Client. [CVSS 3.3 LOW]
WebCTRL Premium Server contains a port binding vulnerability that allows an attacker with local access to bind to the same network port used by the WebCTRL service. This enables the attacker to send malicious packets and impersonate the legitimate WebCTRL service without injecting code into the application, potentially compromising confidentiality and integrity of building automation system communications. The vulnerability affects Automated Logic's WebCTRL Premium Server and has been disclosed by ICS-CERT, though no KEV listing or public POC is currently documented.
Tanium addressed a denial of service vulnerability in Tanium Client. [CVSS 3.3 LOW]