< ciso brief />

All news with #denial of service tag

86 articles · page 2 of 5

CloudCharge OCPP WebSocket Flaws Enable Station Impersonation

⚠️ CISA warns of multiple critical vulnerabilities in CloudCharge cloudcharge.se affecting OCPP WebSocket endpoints (four CVEs, highest CVSS 9.4). Exploits can enable station impersonation, session hijacking, credential exposure, and large-scale denial of service by suppressing or misrouting telemetry. CloudCharge did not respond to coordination requests; operators should apply network mitigations and restrict Internet exposure. CISA identifies Energy and Transportation sectors as at risk worldwide.

Critical OCPP WebSocket Flaws in SWITCH EV Charging

🔒 Successful exploitation of vulnerabilities in SWITCH EV charging infrastructure could allow attackers to impersonate charging stations, hijack sessions, suppress or misroute legitimate telemetry, and manipulate backend data. The advisory identifies four CVEs affecting all product versions, including CVE-2026-27767 with a CVSS 3.1 base score of 9.4 (Critical). Vendor coordination was not received; CISA recommends minimizing network exposure, isolating control-system networks, using secure remote access, and contacting the vendor for remediation status. No known public exploitation has been reported.

EV2GO ev2go.io WebSocket Auth & Session Risks

🔒 CISA reports multiple critical vulnerabilities in EV2GO ev2go.io WebSocket interfaces that allow unauthenticated actors to impersonate charging stations, hijack sessions, and manipulate backend data. Exploitation can lead to large-scale denial of service, suppression or misrouting of legitimate telemetry, and unauthorized control of charging infrastructure; all versions are affected, and the highest CVSS score is 9.4. Vendor coordination was not received; operators should minimize Internet exposure, isolate ICS networks, and implement stronger authentication, session management, and rate limiting.

Critical OCPP WebSocket Flaws in Mobility46 Stations

Mobility46 charging stations running mobility46.se are affected by multiple OCPP WebSocket vulnerabilities that can allow unauthorized administrative access, session hijacking, credential exposure, and denial-of-service. Four CVEs are documented, including one critical issue with a CVSS 3.1 base score of 9.4. Mobility46 did not respond to CISA coordination; operators should isolate devices, apply network controls, and contact the vendor for guidance.

CISA: EV Energy ev.energy Vulnerabilities — Urgent Advisory

🔒 CISA warns of multiple critical and high-severity vulnerabilities in EV Energy ev.energy software that could permit unauthorized administrative control, session hijacking, credential exposure, and denial-of-service against charging stations. The advisory identifies four CVEs (including CVE-2026-27772) affecting all versions and assigns a top CVSS score of 9.4 for the most severe issue. EV Energy did not respond to coordination requests; CISA recommends vendor fixes and immediate network hardening, including minimizing Internet exposure and restricting access to charge point endpoints.

Schneider Electric EBO Vulnerabilities and Patches Released

🔒 Schneider Electric has released patches for multiple vulnerabilities in EcoStruxure Building Operation Workstation and WebStation that could disclose local files, enable execution of unintended code, or cause denial-of-service. Affected 6.x and 7.0.x builds should be updated to the vendor-supplied patch builds immediately to mitigate exposure. The issues are tracked as CVE-2026-1227 (XXE) and CVE-2026-1226 (code generation/control). If immediate patching is not possible, implement recommended mitigations — network segmentation, strict access controls, MFA for EBO 7.0+, monitoring, and adherence to EBO hardening guidance — to reduce operational risk.

PUSR USR-W610 Router: Multiple Critical Flaws - No Patch

⚠ The PUSR USR-W610 Wi‑Fi router contains multiple vulnerabilities that can disable authentication, expose credentials in transit and in the UI, and permit deauthentication-based denial-of-service. Affected firmware versions are <= 3.1.1.0; the most severe issue carries a CVSSv3 base score up to 9.8. The vendor has declared the product end-of-life and does not plan to issue patches. CISA advises minimizing network exposure, isolating affected devices behind firewalls, and using secure remote-access methods while applying other compensating controls.

Kimwolf Botnet Overwhelms I2P Anonymity Network Services

🛡️ The massive Kimwolf IoT botnet has been disrupting the I2P anonymity network after thousands of infected devices attempted to join as nodes, overwhelming relays and degrading connectivity. Users reported a rapid influx of new routers and widespread connection failures starting around Feb. 3, and developers linked the outages to a Sybil-style flood. Kimwolf operators later admitted they tried to register roughly 700,000 bots on I2P, and the network is currently running at reduced capacity while a stability update is rolled out.

AVEVA PI Data Archive: Remote DoS (CVE-2026-1507) Advisory

⚠ AVEVA's PI Data Archive contains an uncaught-exception vulnerability (CVE-2026-1507) that can allow an unauthenticated remote attacker to crash PI core services and cause denial of service. Affected versions include PI Server <=2018_SP3_Patch_7, 2023 (including 2023_Patch_1), and 2024. The issue has a CVSS 3.1 base score of 7.5 (High). AVEVA recommends upgrading to PI Server 2024 R2 or applying vendor patches and restricting inbound access to TCP port 5450.

Privileged File System Flaw in Iconics Suite CVE-2025-0921

🔒 Unit 42 researchers discovered CVE-2025-0921, a privileged file system operations vulnerability in Iconics Suite (GENESIS64) that can be abused to corrupt critical binaries and cause a denial-of-service. The issue affects certain Windows deployments of Iconics Suite and can be chained with CVE-2024-7587 (GenBroker32 installer) to gain effective write access to protected log paths. Iconics released an advisory and a workaround that, if applied, mitigates the reported issues; organizations should apply vendor guidance and limit local write access to application directories.

Rockwell ArmorStart LT Denial-of-Service Vulnerabilities

⚠ Rockwell Automation's ArmorStart LT devices are affected by multiple vulnerabilities that can cause denial-of-service conditions. Affected models include 290D, 291D, and 294D running firmware versions <=V2.002; each issue is rated CVSS v3.1 7.5 (High). Observed impacts include unresponsive CIP ports, unexpected device reboots, ICMP loss, and web application inaccessibility during fuzzing and active scanning. No patch is available; operators should apply network segmentation and secure remote access best practices to reduce exposure.

Rockwell ControlLogix 1756-RM2/RM2XT Denial-of-Service

⚠️ Multiple denial-of-service vulnerabilities in Rockwell Automation ControlLogix Redundancy Enhanced Modules (catalogs 1756-RM2 and 1756-RM2XT) can be triggered by crafted inputs, including malformed Class 3 messages and resource exhaustion. Exploitation may render devices unresponsive or cause major nonrecoverable faults, potentially requiring a restart. The issues carry a CVSS 3.1 base score of 7.5 (High). Rockwell recommends upgrading to 1756-RM3 and following advisory SD1769; if immediate upgrade is not possible, apply segmentation, firewalling, and other security best practices to reduce exposure.

Schneider Electric Zigbee Products Vulnerable to DoS

⚠️ Schneider Electric has identified multiple denial-of-service vulnerabilities in Zigbee products that use the Silicon Labs EmberZNet stack. Affected items include a broad set of Wiser, Iconic, Fuga and other connected modules. A malicious device joining a Zigbee network could trigger buffer overflows or uncontrolled resource consumption, leading to device unavailability. Customers should restrict network joins, use unique install codes and non-default keys, close pairing windows promptly, and follow Schneider Electric and CISA mitigations to reduce exploitation risk.

Rockwell CompactLogix 5370 DoS Vulnerability Advisory

⚠️ Rockwell Automation's CompactLogix 5370 controllers are affected by a denial-of-service vulnerability (CVE-2025-11743) that can produce a major nonrecoverable fault requiring a restart. The issue is triggered by a malformed CIP Forward Open message and has a CVSS v3.1 base score of 6.5. Affected versions include <=34.013, <=35.012, and 36.011; fixed releases include 37.011, 34.016, 35.015, and 36.012. Rockwell reported the issue to CISA; no known public exploitation has been reported and CISA notes the vulnerability is not exploitable remotely. Users unable to upgrade should follow security best practices to limit exposure.

GitLab warns of 2FA bypass and multiple DoS vulnerabilities

🔒 GitLab has patched a high-severity two-factor authentication bypass (CVE-2026-0723) that could allow attackers who know a target's account ID to submit forged device responses and bypass 2FA. The release also addresses two high-severity denial-of-service flaws (CVE-2025-13927, CVE-2025-13928) and two medium-severity DoS issues affecting Wiki rendering and SSH authentication. Administrators should upgrade to 18.8.2, 18.7.2, or 18.6.4 immediately; GitLab.com is already patched.

Azure Private Endpoint DNS Risks Can Cause Service DoS

🔒 Unit 42 researchers discovered an Azure Private Endpoint DNS behavior that can unintentionally or deliberately produce denial-of-service conditions for Azure services. In several scenarios — accidental internal, accidental vendor, and malicious actor — linking a Private DNS zone to a virtual network can force name resolution to the private zone and fail when no A record exists, breaking connectivity to otherwise public endpoints. Microsoft documents a partial mitigation (fallback to internet); alternatives include manually adding DNS records and performing comprehensive discovery with Resource Graph.

Palo Alto patches PAN-OS after new DoS flaw revealed

🔒 Palo Alto Networks has released patches for PAN-OS after a researcher disclosed CVE-2026-0227, a high-severity (CVSS 7.7) vulnerability in GlobalProtect gateway and portal components that can trigger a denial-of-service and force affected firewalls into maintenance mode. The vendor reports no known in-the-wild exploitation but acknowledges proof-of-concept code exists. Prisma Access customers have largely been upgraded; on-premises NGFWs must apply vendor updates per the posted remediation table. There are no official workarounds; temporarily disabling the VPN interface may reduce risk while patching.

ICE doxxing site taken offline by sustained DDoS attack

⚠️ The controversial ICE List doxxing site, launched after an alleged DHS whistleblower provided details on thousands of ICE and Border Patrol officials, has been taken offline by a sustained DDoS attack. Founder Dominick Skinner reported that overwhelming traffic appears to originate from Russian IP addresses routed through proxies, complicating attribution. Skinner and his team are attempting server migrations to restore access but expect the site to remain a target.

Palo Alto Warns of DoS Flaw That Can Disable Firewalls

⚠️ Palo Alto Networks patched a high-severity flaw (CVE-2026-0227) in PAN-OS that can allow unauthenticated actors to trigger a denial-of-service, forcing affected firewalls into maintenance mode when GlobalProtect gateway or portal features are enabled. The issue impacts PAN-OS 10.1 and later and some Prisma Access configurations; most cloud Prisma Access instances have been upgraded. Administrators should apply vendor-supplied fixes for their PAN-OS branch immediately to prevent potential disruptions.

Palo Alto Fixes GlobalProtect DoS Vulnerability, Critical

🔒 Palo Alto Networks has released patches for a high-severity denial-of-service vulnerability (CVE-2026-0227, CVSS 7.7) affecting GlobalProtect Gateway and Portal components. The flaw, caused by an improper check for exceptional conditions (CWE-754), can be triggered by an unauthenticated attacker and may force affected firewalls into maintenance mode. A proof-of-concept exploit exists and there are no workarounds, so administrators should prioritize applying the vendor updates.