Yesterday CISA’s NCCIC-ICS published updates for ten control system security advisories for products from Rockwell and Siemens (9).
Rockwell Update
This update provides additional information on an advisory that was originally published on October 10th, 2020. This was originally published on the restricted HSIN site, so in effect this is the original public posting for this advisory. This update describes five vulnerabilities in the Rockwell ISaGRAF5 Runtime product.
Siemens Updates
• PROFINET Update #1 - This update provides additional information on an advisory that was originally published on May 9th, 2017 and most recently updated on March 9th, 2021.
• Industrial Products Update #1 - This update provides additional information on an advisory that was originally published on December 5th, 2017 and most recently updated on March 9th, 2021.
• PROFINET Update #2 - This update provides additional information on an advisory that was originally published on October 10th, 2019 and most recently updated on September 9th, 2020.
• SIMATIC Update #1 - This update provides additional information on an advisory that was originally published on September 8th, 2021.
• Industrial Products Update #2 - This update provides additional information on an advisory that was originally published on September 8th, 2020 and most recently updated on April 13th, 2021.
• SIMATIC Update #2 - This update provides additional information on an advisory that was originally published on July 9th, 2020 and most recently updated on March 9th, 2021.
• SINAMICS Update - This update provides additional information on an advisory that was originally published on April 13th, 2021.
• Linux Based Products Update - This update provides additional information on an advisory that was originally published on May 11th, 2021.
NOTE: Siemens published two additional updates that I will discuss in my ICS Public Disclosures post this weekend.
For a more detailed look at these updates see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/10-updates-published-6-8-21. Subscription required.
No comments:
Post a Comment