Yesterday the DHS ICS-CERT published a control system security advisory
for an improper authorization vulnerability in the GE Bently Nevada 3500/22M
monitoring system. Apparently this is a self-reported vulnerability. GE has
produced a new firmware version to mitigate this vulnerability. ICS-CERT had
previously published this advisory on the US-CERT Secure Portal on September 8th.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit this vulnerability to gain unauthorized access to the affected
device with elevated privileges.
Posts
No comments:
Post a Comment