A Vulnerability in Trimble Cityworks Could Allow for Remote Code Execution

Read Time:33 Second

A vulnerability has been discovered in Trimble Cityworks that could allow for remote code execution. Trimble Cityworks is a system that helps manage the lifecycle of assets for public infrastructure. It uses GIS (geographic information systems) to help with tasks such as permitting, licensing, construction, maintenance, and replacement. Successful exploitation of the of this vulnerability could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

The AI Fix #42: AIs with anxiety, and why AIs don’t know what happened

Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers

New Report Highlights Common Passwords in RDP Attacks

BlackBasta Ransomware Ties to Russian Authorities Uncovered

Google Buys Wiz in $32bn Cloud Security Push

Over 16.8 Billion Records Exposed as Data Breaches Increase 6%

Large-Scale Malicious App Campaign Bypassing Android Security

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

Third of UK Supply Chain Relies on “Chinese Military” Companies

A Vulnerability in Trimble Cityworks Could Allow for Remote Code Execution

golang-github-openprinting-ipp-usb-0.9.30-1.fc41

nodejs-nodemon-3.1.9-3.fc41

nodejs-nodemon-3.1.9-3.fc40

nodejs-nodemon-3.1.9-4.fc42

ZDI-25-148: (0Day) Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability

USN-7354-1: djoser vulnerability