Yesterday, in addition to the two updates I have already reported on, the DHS ICS-CERT updated a control system security advisory for Advantech WebAccess that was originally published on June 21st, 2016.
The update adds ZDI to the vulnerability reporting process. It also adds an information exposure vulnerability (CVE-2016-5810) to the previously reported vulnerabilities.
I became aware of this vulnerability earlier today when I received an email from ICS-CERT (part of the notification program for which you can sign up) notifying me that the advisory had been updated. There was also a TWEET from ICS-CERT today making the same notification.
My followers on TWITTER would normally have seen a Re-TWEET from me, but for some reason ICS-CERT has been blocking Re-TWEETS of a number of their advisory and update TWEETs. Not all of them have been treated that way, but an interesting number of them have.