Today CISA’s NCCIC-ICS published four control system security advisories for products from CODESYS (3) and Advantech.
Linux SysFile Advisory - This advisory
describes an OS command injection vulnerability in the CODESYS V2 Runtime
Toolkit.
Control V2 Advisory - This advisory
describes three vulnerabilities in the CODESYS CODESYS V2 Runtime Toolkit and CODESYS
PLCWinNT products.
V2 Web Server Advisory - This advisory
describes six vulnerabilities in the CODESYS V2 web server.
Advantech Advisory - This advisory describes three vulnerabilities in the Advantech WebAccess HMI Designer. The vulnerabilities were reported by kimiya via the Zero Day Initiative. Advantech is still working on mitigation measures.
For a more detailed look at these advisories see my article
at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/four-advisories-published
Subscription Required.
Posts
No comments:
Post a Comment