Thanks to a Tweet® from Red Team
SCADA I looked at the Open
Source Vulnerability Database this morning and noticed that in the last two
weeks there were two ICS vulnerabilities listed that have not yet been reported
by ICS-CERT. Those are:
• An Triangle Research Nano-10 PLC
vulnerability; and
• An Invensys Wonderware InTouch
vulnerability
Both of these are listed as coordinated vulnerabilities with
mitigation measures available from the vendors.
I don’t suppose that we will hear anything now until the
shutdown is lifted. It does beg the question, do we need ICS-CERT’s reporting?
Posts
No comments:
Post a Comment