Today CISA’s NCCIC-ICS published three control system security advisories for products from Advantech, Softing, and Schneider electric. They also published updated advisories for products from Rockwell Automation and WAGO.
Advantech Advisory - This advisory
describes two vulnerabilities in the Advantech WebAccess/SCADA.
Softing Advisory - This advisory
describes an improper restriction of operations within the bounds of a memory
buffer vulnerability in the Softing OPC-UA C++ Software Development Kit.
Schneider Advisory - This advisory
describes an improper privilege management vulnerability in the Schneider Enerlin'X
Com’X 510 energy server.
Rockwell Update - This update
provides additional information on an advisory that originally
published on January 21st, 2021 and most
recently updated on February 16th, 2021.
WAGO Update - This update provides additional information on an advisory that originally published on January 21st, 2021 and most recently updated on February 16th, 2021.
For more detailed look at the advisories and updates, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-2-updates-published
(subscription required).
Posts
No comments:
Post a Comment