The CISA NCCIC-ICS published a control system security
advisory for products from Inductive Automation.
Inductive Advisory
This advisory describes
an improper access control vulnerability in the Inductive Advisory Ignition 8
Gateway. The vulnerability was reported by Sharon Brizinov and Mashav Sapir
from Claroty. Inductive has a new version that mitigates the vulnerability.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to allow an attacker to write endless
log statements into the database, which could result in a denial-of-service
condition.
Posts
No comments:
Post a Comment