SecurityWeek reports that active abuse of the medium-severity OpenPLC ScadaBR cross-site scripting flaw, tracked as CVE-2021-26829, has prompted its inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security weakness by Dec. 19.Attacks involving the XSS vulnerability have been launched by pro-Russian hacktivist group TwoNet against a water treatment facility honeypot in October, according to Forescout, which noted the defacement of the related human-machine interface login page's description.Despite the lack of real-world implications from the honeypot targeting, exploitation of CVE-2021-26829 was previously found to potentially enable arbitrary code execution and session takeovers. No other in-the-wild abuse of the flaw has been observed so far. Such a development comes as water sector industrial control systems and operational technology remain an attractive target for hacktivists.
Vulnerability Management, Patch/Configuration Management
Old OpenPLC ScadaBR flaw added to CISA KEV after hacktivist attack

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



