This week we have four vendor disclosures from Schneider Electric. There are also six updates available for advisories from Schneider (4) and Siemens (2). Finally, we have a research report for vulnerabilities in three message broker applications.
Schneider Advisories
Schneider published an
advisory describing two vulnerabilities in their PowerLogic PM55xx and
PowerLogic PM8ECC products.
Schneider published an advisory describing six vulnerabilities in their PowerLogic EGX100 and EGX300 products.
Schneider published an
advisory discussing the ISaGRAF
vulnerabilities in their IEC 61131-3 Programming and Engineering Tools.
Schneider published an advisory describing an improper privilege management vulnerability in their Enerlin'X Com’X 510 product.
Schneider Updates
Schneider published an
update for their EcoStruxure™ Machine Expert advisory that was
originally published on May 11th, 2021.
Schneider published an
update for their C-bus Toolkit advisory that was
originally published on April 15, 2021.
Schneider published an
update for their PLC Simulator advisory that was
originally published on November 10th, 2020.
Schneider published an update for their Modicon Controllers advisory that was originally published on May 18th, 2019.
Siemens Updates
Siemens published an update
for the Industrial Software advisory that was originally
published on July 9th, 2020 and most
recently updated on March 9th, 2021.
Siemens published an update for their Industrial PCs advisory that was originally published on May 11th, 2021.
Researcher Report
Synopsys Cybersecurity Research Center published a report describing separate denial of service vulnerabilities in three message broker applications used in many IoT communications processes.
For more detailed information on these disclosures, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/public-ics-disclosures-794
(subscription required)
Posts
No comments:
Post a Comment