Thursday, June 1, 2017

ICS-CERT Publishes Phoenix Broadband Advisory

Today the DHS ICS-CERT published a control system security advisory for products from Phoenix Broadband Technologies. The advisory describes an hard-coded password vulnerability in the Phoenix PowerAgent SC3 Site Controller. The vulnerability was reported by Iñaki Rodríguez. Phoenix Broadband has produced a new firmware version to mitigate the vulnerability. ICS-CERT reports that Rodriguez has tested the new version and confirms its efficacy.

ICS-CERT reports that a relatively unskilled attacker could remotely exploit the vulnerability to gain access to the battery monitoring system.

No comments:

/* Use this with templates/template-twocol.html */