Yesterday the DHS ICS-CERT published a control system
security advisory for products from Yokogawa.
Yokogawa Advisory
This advisory
describes an access controls vulnerability in the Yokogawa Centum series
products. This vulnerability is being self-reported by Yokogawa. Yokogawa has
produced updated versions of the supported products affected.
ICS-CERT reports that an uncharacterized attacker with
uncharacterized access could exploit the vulnerability to generate false system
or process alarms, or block system or process alarm displays. The Yokogawa advisory
reports additional mitigation measures that would seem to indicate that the
vulnerability could be exploited remotely.
Yokogawa also indicates that the two non-Centum products
listed in the ICS-CERT advisory are not directly affected by this vulnerability
but could have their alarm functions affected if the products are on the same
computer as an exploited Centum product.
Posts
No comments:
Post a Comment