This week we have one vendor notification from Phoenix
Contact and an update of an earlier vendor notification from Rockwell
Automation.
Phoenix Contact Advisory
VDE-CERT published an advisory for an improper access
control vulnerability in the Phoenix Contact FL NAT SMx web UI. The
vulnerability was reported by Maxim Rupp. Phoenix Contact provides generic control
measures to mitigate this vulnerability. There is no indication that Rupp was provided an opportunity to verify the efficacy of the fix.
Rockwell Update
Rockwell provided an update to their advisory published
earlier this week. The update provides links to:
• The Applied Risk report
on the vulnerability; and
• The ICS-CERT advisory
Posts
No comments:
Post a Comment