Thursday, July 29, 2021

Review - 2 Advisories and 1 Update Published – 7-29-21

Today, CISA’s NCCIC-ICS published two control system security advisories for products from WIBU and Hitachi ABB Power Grids. They also published an update for an advisory for products from Mitsubishi.

WIBU Advisory - This advisory describes two buffer over-read vulnerabilities in the WIBU CodeMeter Runtime Server.

Hitachi ABB Advisory - This advisory describes an insufficiently protected credentials vulnerability in the Hitachi ABB Power Grids eSOMS product.

Mitsubishi Update - This update provides additional information on an advisory that was originally published on February 18th, 2021 and most recently updated on May 27th, 2021.

For more detail on the advisories, including links to proof-of-concept code, see my article at CFSN Detailed Analysis - - subscription required.

No comments:

/* Use this with templates/template-twocol.html */