Researchers discovered five security flaws in ICONICS Suite (≤10.97.2) for Windows, posing risks to critical infrastructure sectors like government, military, manufacturing, and utilities.
Key Vulnerabilities (CVE):
🔹 CVE-2024-1182 – DLL Hijacking in MMCFG (Privilege Escalation)
🔹 CVE-2024-7587 – Weak Permissions in GenBroker32 (Unauthorized Access, DoS)
🔹 CVE-2024-8299 & CVE-2024-9852 – Uncontrolled Search Path (Malicious DLL Execution)
🔹 CVE-2024-8300 – Dead Code in GENESIS64 (Code Execution)
Security patches have been released by ICONICS to fix these issues.
Palo Alto Networks products help detect and mitigate such attacks.
Users should apply patches immediately and follow recommended workarounds to secure their SCADA installations.
Key Vulnerabilities (CVE):
🔹 CVE-2024-1182 – DLL Hijacking in MMCFG (Privilege Escalation)
🔹 CVE-2024-7587 – Weak Permissions in GenBroker32 (Unauthorized Access, DoS)
🔹 CVE-2024-8299 & CVE-2024-9852 – Uncontrolled Search Path (Malicious DLL Execution)
🔹 CVE-2024-8300 – Dead Code in GENESIS64 (Code Execution)
Security patches have been released by ICONICS to fix these issues.
Palo Alto Networks products help detect and mitigate such attacks.
Users should apply patches immediately and follow recommended workarounds to secure their SCADA installations.
![[Image: MxgnhgZ.gif]](https://i.imgur.com/MxgnhgZ.gif)