On Friday Karn Ganeshen described an uncontrolled search
path element vulnerability in the Schneider Electric Pro-Face WinGP in a post on SECLISTS.com.
The information provided includes a proof-of-concept exploit. There is no
information provided indicating any attempts at coordinated disclosure.
Earlier this week Ganeshen also published proof-of-concept
exploits for two other Schneider products for which an ICS-CERT advisory had been published; ICSA-17-094-01
and
Posts
No comments:
Post a Comment