Tuesday, January 5, 2016

ICS-CERT Updates Two Advisories

This afternoon the DHS ICS-CERT published to advisory updates; one for a December advisory for vulnerabilities in Advantech’s EKI devices; the other for a November advisory for vulnerabilities in Unitronics’ VisiLogic OPLC IDE devices.

Advantech Update

This update adds a new authentication vulnerability (CVE-2015-7938) and reports that Advantech published firmware updates for all four vulnerabilities on December 31st, 2015. Interestingly it also removes reference to this being an uncoordinated disclosure.

Unitronics Update

This update adds a new code injection vulnerability (CVE-2015-7939) and reports that an even newer update is now available that presumably addresses all three vulnerabilities.

No comments:

/* Use this with templates/template-twocol.html */