Saturday, November 19, 2016

Public ICS Vulnerability Disclosure – 11-19-16

This week SEC Consult Vulnerability Lab published a report about multiple vulnerabilities in the I-Panda SolarEagle - Solar Controller Administration Software. The reported vulnerabilities include:

• Broken local admin authentication;
• Missing server side authentication;
• Unencrypted communication; and
• Denial of service

SEC Consult reported that they attempted to coordinate the disclosure with the vendor but got no response.

No comments:

/* Use this with templates/template-twocol.html */