Saturday, May 4, 2019

Public ICS Disclosures – Week of 04-25-19

This week we have two vendor disclosures on security products from Cisco and Gemalto.

Cisco Advisory

Cisco published an advisory describes a denial of service vulnerability in the Cisco Adaptive Security Appliance (ASA) Software. (NOTE: Cisco ASA software is used as third-party software in at least one control system security product.) The vulnerability is self-reported. Cisco has updates available that mitigate the vulnerability.

Gemalto Advisory

Gemalto has announced that it has an advisory available for vulnerabilities in the Gemalto Sentinel LDK product. The advisory is only available to those with an account with Gemalto (not me). We may see an advisory from NCCIC-ICS on these vulnerabilities.

No comments:

/* Use this with templates/template-twocol.html */