🚨 Trane resolved five vulnerabilities disclosed by #Team82 affecting its Tracer SC, SC+, and Concierge building management system products. The vulnerabilities enable information disclosure, code execution, or denial-of-service attacks.
Read more on our Disclosure Dashboard http://claroty.com/team82/disclosure-dashboard
Critical infrastructure is becoming a battleground, and not always in the ways you’d expect. 🚨
🔬 New research from #Team82 shows attackers are increasingly targeting cyber-physical systems (CPS) to advance political and social agendas, often using low-tech methods against exposed, internet-facing assets.
From compromised HMI and SCADA systems to large-scale opportunistic attacks, the shift is clear: it’s no longer just about disruption; it’s about influence.
Find out how and why CPS is being weaponized and what organizations can do to strengthen their defenses. 🔖 https://claroty.com/blog/the-weaponization-of-critical-infrastructure-how-attackers-leverage-cps-for-political-and-social-gain
#Cybersecurity #CriticalInfrastructure #OTSecurity #CPS #ThreatIntelligence
In the latest Team82 threat intelligence report, our research points to the same conclusion reached by the Cybersecurity & Infrastructure Security Agency (CISA) in December 2025: There is a noticeable rise in opportunistic attacks against U.S.-based critical infrastructure.
🚨 New research today from Team82 reveals cyber-physical systems (CPS) are becoming a preferred target for opportunistic threat actors, who are often inspired politically and socially by geopolitical events.
Analyzing 200+ attacks against CPS in numerous industries, the findings show:
🔹 82% used virtual network computing (VNC) to access exposed, internet-facing assets
🔹 66% involved compromised HMI or SCADA systems
🔹 Many attacks required minimal sophistication, yet posed serious risks to operations, safety, and the public
#Team82 #CyberPhysicalSystems #OTSecurity #ThreatIntelligence #CriticalInfrastructure #Cybersecurity
🚨 Johnson Controls recommends that users of its Frick Controls Quantum HD platform update to current versions after the disclosure by #Team82 of 𝟔 vulnerabilities that could lead to pre-authentication remote code execution, information leaks, and denial-of-service conditions.
Affected versions are (10.22-11) are no longer supported by the vendor, and users are urged to upgrade to version 12 or higher.
⚠️ Check out our Disclosure Dashboard for more details and remediation info. https://claroty.com/team82/disclosure-dashboard
Copeland has provided updates for its XWEB and XWEB Pro monitoring solutions for #retail and #HVAC environments that address 🚨 𝟐𝟑 vulnerabilities disclosed by #Team82 researchers, Noam Moshe and Amir Zaltzman. Fifteen OS command injection flaws and an authentication bypass assessed a 10.0 CVSS are among the most severe vulnerabilities.
⚠️ Check out our Disclosure Dashboard for more details & remediation information: https://claroty.com/team82/disclosure-dashboard
⚠️ EnOcean has addressed two vulnerabilities disclosed by #Team82 vulnerability researcher Amir Zaltzman in its SmartServer IoT product, and #IoT edge server that is ideal for monitoring energy management and other building management systems. 🚨 The vulnerabilities enable remote attackers to crafted Lon IP-852 messages that result in code execution on the device. https://claroty.com/team82/disclosure-dashboard
🔖 You can read more about Team82's research into the LonTalk protocol here: https://claroty.com/team82/research/examining-the-legacy-bms-lontalk-protocol
🚨 New from #Team82: Our research team shares its analysis of the LonTalk networking protocol which is often optimized for control applications within building management and automation systems. This blog examines the protocol’s fundamentals and traces its evolution from serial communication to IP-based deployments.
Read here: https://claroty.com/team82/research/examining-the-legacy-bms-lontalk-protocol
At Nexus Conference 2025, #Team82 lead Noam Moshe shared research on the Axis Communications video surveillance platform, highlighting how many vulnerable servers and devices remain exposed to attackers and how these #IoT assets can be leveraged for lateral movement into enterprise networks.
▶️ Watch the Top Sessions from #Nexus2025 here: https://nexusconnect.io/nexus-25
🚨 New from #Team82: Our researchers uncovered a one-click remote-code execution ⚠️ vulnerability affecting IDIS Cloud Manager viewer that could allow attackers to view 🔴 live video feeds and recordings and search images on the video surveillance system. The vulnerability has been patched and users are urged to upgrade to version 1.7.1.
🔬 Read more: https://claroty.com/team82/research/new-architecture-new-risks-one-click-to-pwn-idis-ip-cameras
🚨 New from #Team82: Our researchers uncovered a one-click remote-code execution ⚠️ vulnerability affecting IDIS Cloud Manager viewer that could allow attackers to view 🔴 live video feeds and recordings and search images on the video surveillance system. The vulnerability has been patched and users are urged to upgrade to version 1.7.1.
🔬 Read more: https://claroty.com/team82/research/new-architecture-new-risks-one-click-to-pwn-idis-ip-cameras
Claroty