Industrial Control Systems

Researchers disclose two CVSS 10.0 flaws in Red Lion Sixnet RTUs

News, Research, Risk, Vendors, Vulnerabilities

October 15, 2025

Security researchers have disclosed two CVSS 10.0 vulnerabilities (CVE-2023-40151 and CVE-2023-42770) in Red Lion Sixnet RTUs that can allow unauthenticated attackers to execute commands as root; vendors and agencies advise patching, enabling authentication and blocking TCP access.
CISA Issues Warning on Cybersecurity Vulnerabilities in US Oil and Gas Sector

Cybercrime, Policy, Risk, Vulnerabilities

May 8, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has warned about the risk of cyberattacks on the US oil and gas infrastructure, highlighting systemic vulnerabilities and the importance of basic cybersecurity practices.