June 2024

Tuesday, June 11, 2024

Israel–Palestine conflict

11 June 2024: Israel Defense Forces discover tunnel in child’s bedroom in Rafah
8 June 2024: IDF missile strikes UN school
6 June 2024: Hezbollah launches drone attack on Hurfeish, Israel
6 June 2024: Hezbollah attacks Israel, causes wildfires
3 June 2024: Tens of thousands of people join the Israeli day parade

Symbol for peace between Israel and Palestine

Collaborate!

On Thursday, the Israel Defense Forces (IDF) reported they had discovered a tunnel in a child’s bedroom in Rafah, belonging to Hamas, which is recognized by the United States as a terrorist organization. A butcher’s knife was also reported to have been found near the tunnel’s entrance. Explosives and other weapons were recovered from the tunnel.

The same day, the IDF was also reported to have located six militants “near a school” close to the tunnel who were “eliminated by UAV and tank fire.”

This came amidst the recent escalation after the October 7, 2023 attack. The attack killed 1,139 Israelis, including 373 members of the security forces, 695 civilians (including 36 children), and 71 foreigners. In addition, nearly 250 Israelis were taken hostage. During the attack, more than 3,000 Hamas gunmen crossed the border, as well as nearly 6,000 rockets were fired. Sources indicate numerous acts of sexual assault resulted during this conflict. Thousands of rockets are also reported to have been fired during the attack. In response, Israel declared war on Hamas and mobilized 350,000 reservists. Up to May 2024, Israel says they have killed 14,000 terrorists and 16,000 civilians during the war, while Hamas says that 35,000 people have been killed.

Have an opinion on this story? Share it!

Sources

[edit]

“Soldiers find Rafah tunnel shaft under child’s bedroom” — ANI News, June 6, 2024
Anders Hagstrom. “Israeli troops uncover Hamas tunnel entrance inside child’s room in Rafah” — Fox News, June 6, 2024
Victoria Bisset. “Who are the Hamas leaders behind the attacks on Israel?” — The Washington Post, October 11, 2023
“Israel social security data reveals true picture of Oct 7 deaths” — France 24, December 15, 2023
Emanuel Fabian, Gianluca Pacchiani. “IDF estimates 3,000 Hamas terrorists invaded Israel in Oct. 7 onslaught” — The Times of Israel, November 1, 2023
“Israel publishes new civilian death toll in Gaza” — VOA News, May 21, 2024

Share this:

View CSAF

1. EXECUTIVE SUMMARY

CVSS v4 7.0
ATTENTION: Low attack complexity
Vendor: AVEVA
Equipment: PI Asset Framework Client
Vulnerability: Deserialization of Untrusted Data

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow malicious code execution.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of AVEVA PI Asset Framework Client, a tool to model either physical or logical objects, are affected:

PI Asset Framework Client: 2023
PI Asset Framework Client: 2018 SP3 P04 and prior

3.2 Vulnerability Overview

3.2.1 Deserialization of Untrusted Data CWE-502

There is a vulnerability in AVEVA PI Asset Framework Client that could allow malicious code to execute on the PI System Explorer environment under the privileges of an interactive user that was socially engineered to import XML supplied by an attacker.

CVE-2024-3467 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.3 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).

A CVSS v4 score has also been calculated for CVE-2024-3467. A base score of 7.0 has been calculated; the CVSS vector string is (CVSS4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).

3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: United Kingdom

3.4 RESEARCHER

AVEVA reported this vulnerability to CISA.

4. MITIGATIONS

AVEVA recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation. Customers using affected products should apply security updates as soon as possible:

(Recommended) All affected versions can be fixed by upgrading to PI AF Client 2023 Patch 1 or later:
From OSI Soft Customer Portal, search for “Asset Framework” and select “PI Asset Framework (AF) Client 2023 Patch 1” or later.
(Alternative) AF Client 2018 SP3 P04 and prior can be fixed by deploying PI AF Client 2018 SP3 Patch 5 or later:
From OSI Soft Customer Portal, search for “Asset Framework” and select either “PI Asset Framework (AF) Client 2018 SP3 Patch 5” or later.

AVEVA further recommends users follow general defensive measures:

Run PI System Explorer as a least privilege interactive account when possible.
Establish procedures for verifying the source of XML is trusted before importing into PI System Explorer.

For additional information please refer to AVEVA-2024-004

CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as:

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

CISA also recommends users take the following measures to protect themselves from social engineering attacks:

Do not click web links or open attachments in unsolicited email messages.
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.

5. UPDATE HISTORY

June 11, 2024: Initial Publication

Phillies catcher J.T. Realmuto needs knee surgery, placed on injured list

I’m 64 and retired to watch my grandkids. My husband, 65, and I have $1.7 million. When should we claim Social Security?

Israel Defense Forces discover tunnel in child’s bedroom in Rafah

Sources

4,000-year-old Greek hilltop site mystifies archaeologists. It could spell trouble for new airport

Here’s How Many Shares Of Exxon Mobil Corp You Would Need To Earn $500 Per Month In Dividends

Pamela Smart, serving life, accepts responsibility for her husband’s 1990 killing for the first time

2024 NBA Draft: Ranking the top center prospects, including potential No. 1 pick Alex Sarr

For Game 3, the dominant Celtics will be underdogs for just 4th time in 99 games

AVEVA PI Asset Framework Client