CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

CISA has added the CVE-2021-26829 vulnerability in ScadaBR to its KEV catalog after hackers exploited it to deface an ICS interface. The incident highlights the ongoing threat of hacktivists and sophisticated actors exploiting vulnerabilities in industrial control systems. #CISA #CVE-2021-26829 #TwoNet #ICSattack #ScadaBR

Key points

  • The CVE-2021-26829 vulnerability is a cross-site scripting (XSS) flaw in ScadaBR, patched in June 2021.
  • Hackers exploited this vulnerability to deface an industrial control system’s human-machine interface (HMI).
  • The attack was carried out by TwoNet, a pro-Russian hacktivist group.
  • The incident involved minimal real-world impact but demonstrated the vulnerability’s exploitability.
  • Advanced threat actors could potentially exploit this flaw in highly targeted and covert operations.

Read More: https://www.securityweek.com/cisa-warns-of-scadabr-vulnerability-after-hacktivist-ics-attack/