This holiday week we had two vendor disclosures from HMS and
Thales Group.
HMS Advisory
HMS published an
advisory describing a cross-site scripting vulnerability in their Flexy and
Cosy industrial routers. The vulnerability was reported by Ander Martínez from
Titanium Industrial Security. HMS has a new firmware version that mitigates the
vulnerability. There is no indication that Martinez has been provided an
opportunity to verify the efficacy of the fix.
Thales Advisory
Gemalto published an
advisory describing a vulnerability in their Sentinel LDK License Manager. Details
about the vulnerability are restricted to registered customers only.
Posts
No comments:
Post a Comment