🚨 Trane resolved five vulnerabilities disclosed by #Team82 affecting its Tracer SC, SC+, and Concierge building management system products. The vulnerabilities enable information disclosure, code execution, or denial-of-service attacks.
Read more: claroty.com/team82/discl...
🔬 New research from #Team82 shows attackers are increasingly targeting CPS to advance political and social agendas, often using low-tech methods against exposed, internet-facing assets. Find out what organizations can do to strengthen their defenses. 🔖 claroty.com/blog/the-wea...
⚠️ Schneider Electric Electric has addressed 2 vulnerabilities disclosed by #Team82 in its Modicon Controllers M241 / M251, and M262 PLC line, which can allow attackers to cause a Denial of Service condition that affects the availability of the controller.
🔎 Read more: claroty.com/team82/discl...
🚨 New research today from #Team82 reveals cyber-physical systems (CPS) are becoming a preferred target for opportunistic threat actors, who are often inspired politically and socially by geopolitical events.
📰 Read more: claroty.com/press-releas...
🚨 Johnson Controls recommends that users of its Frick Controls Quantum HD platform update to current versions after a disclosure by #Team82 of 𝟔 new vulnerabilities. More info: claroty.com/team82/discl...
Copeland has provided updates for its XWEB and XWEB Pro monitoring solutions for #retail and #HVAC environments that address 🚨 𝟐𝟑 vulnerabilities disclosed by #Team82.
⚠️ Check out our Disclosure Dashboard for more details & remediation information: claroty.com/team82/discl...
⚠️ EnOcean has addressed 2 vulnerabilities disclosed by #Team82 in its SmartServer IoT product and #IoT edge server. claroty.com/team82/discl...
🔖 Read more about Team82's research into the LonTalk protocol: claroty.com/team82/resea...
🚨 New from #Team82: Our research team shares its analysis of the LonTalk networking protocol which is often optimized for control applications within building management and automation systems.
Read here: claroty.com/team82/resea...
#Team82 lead Noam Moshe shares research on the Axis video surveillance platform, highlighting how many vulnerable servers and devices remain exposed to attackers and how these #IoT assets can be leveraged for lateral movement into networks.
▶️ Watch here: nexusconnect.io/nexus-25
New #Team82 research uncovers a 1-click remote-code execution vulnerability affecting IDIS Cloud Manager viewer that could allow attackers to view live video feeds, recordings, and search images on the video surveillance system. Read more: claroty.com/team82/resea...
Team82's Noam Moshe explores his team’s expansive look into IP-based surveillance cameras 🎥 manufactured by Axis Communications.
⚠️ #Team82 uncovered a number of vulnerabilities in the management framework.
▶️ Watch here: nexusconnect.io/videos/noam-...
⚠️ #Team82 and Trend Micro's Zero Day Initiative disclosed 18 vulnerabilities in Algo Communication Products Ltd's IP Audio Alerter product that expose devices to numerous types of remote attacks that could enable code execution, information disclosure.
ℹ️ More info: claroty.com/team82/discl...
#Team82 rocks ! 🤘
Curious about what’s really happening in cyber-physical systems? Explore real-world research with #Team82 — from vulnerability analysis to practical, tactical insights. 💬 Join the Team82 Research Slack channel: join.slack.com/t/team82rese...
⚠️ Zenitel has provided an update to its TCIV-3+ IP/SIP video intercoms to address 5 vulnerabilities disclosed by #Team82 that could allow an attacker to run arbitrary code or crash systems. Zenitel advises users to upgrade to version 9.3.3.0 or later. claroty.com/team82/discl...
⚠️ METZ Connect has provided firmware updates for 5 vulnerabilities disclosed by #Team82 in Metz's EWIO2 Ethernet I/O Controller. These vulnerabilities could allow an attacker to control the device remotely or remote code execution. Read more: claroty.com/team82/discl...
Schwachstelle in Remote-Terminal-Units von Red Lion
@Claroty #Authentifizierung #potatophysischeSysteme #CPS #Potatosecurity #Potatosicherheit #RemoteTerminalUnit #RedLion #Sicherheitslücke #SixnetUniversalProtokoll #Team82
netzpalaver.de/2025/...
Schwachstelle in Remote-Terminal-Units von Red Lion
@Claroty #Authentifizierung #cyberphysischeSysteme #CPS #Cybersecurity #Cybersicherheit #RemoteTerminalUnit #RedLion #Sicherheitslücke #SixnetUniversalProtokoll #Team82
netzpalaver.de/2025/...
🔬 #Team82 has published some details on two serious ⚠️ vulnerabilities in two Red Lion's Sixnet remote terminal unit (RTU) products, and in the Sixnet Universal protocol. The vulnerabilities were assessed a CVSS v3 score of 10.0, and users are urged to apply patches. claroty.com/team82/resea...
⚠️ Danfoss has provided fixes for two vulnerabilities disclosed by #Team82 affecting the DANFOSS AK-SM 8xxA Series of refrigeration controllers that could enable remote code execution and a denial-of-service condition. More info: claroty.com/team82/discl...
⚠️ Siemens has addressed an input validation vulnerability disclosed by #Team82. An unauthenticated local attacker exploiting this vulnerability could crash the RTLS Locating Manager. More info on our Vulnerability Dashboard: claroty.com/team82/discl...
🗓️ New webinar Sept. 18! Join #Team82 for a demo of their Open Sesame attack and learn how attackers can exploit a key data transit point, such as a wireless access device, in order to move onto the network, manipulate data, and disrupt business. Sign up: discover.claroty.com/webinar_brin...
Team82's Noam Moshe joins the 🎙️ Nexus Podcast to discuss his research on Axis Communications' popular video surveillance platform. ⚠️ #Team82 discovered four vulnerabilities and an exploit chain that resulted in pre-authentication remote code execution.
🎧 Listen here: nexusconnect.io/podcasts/nex...
🔬 In the latest from #Team82, read how we developed a unique exploit chain that enables remote-code execution on a target by leveraging a pre-authenticated format-string vulnerability that opened the door to overwriting global offset table (GOT) entries. claroty.com/team82/resea...
⚠️ #Team82 has uncovered a vulnerability in the BlueStacks Player virtualization platform stemming from a lack of SSL certificate validation in v5.20. BlueStacks has patched the vulnerability in a recent update. More info: claroty.com/team82/discl...
⚠️ AXIS patched 4 vulnerabilities disclosed by #Team82 in two of its video surveillance platforms. The vulnerabilities include authentication bypasses, privilege escalation, and the most serious, enabling an attacker to remotely execute code. More info: claroty.com/team82/discl...
⚠️ ControlID released an update for its vehicle access control systems iDSecure On-premises that fixes 3️⃣ vulnerabilities disclosed by #Team82. Users should update to version 4.7.50.0. More info: claroty.com/team82/discl...
⚠️ Microsense has provided an update for its NMP Web+ network management systems that addresses 3️⃣ vulnerabilities disclosed by #Team82, one of which was assessed a 🚨 CVSS v3 score of 9.8. More info: claroty.com/team82/discl...
New from #Team82: The “State of CPS Security 2025: Building Management System Exposures” highlights the riskiest exposures among building management systems (#BMS). 📁 Read more: claroty.com/press-releas...
New Claroty Research Unveils Alarming Vulnerabilities in Building Automation Systems #United_States #New_York #Claroty #Team82 #Building_Management_Systems
