Today, CISA’s NCCIC-ICS published two control system security advisories for products from WIBU and Hitachi ABB Power Grids. They also published an update for an advisory for products from Mitsubishi.
WIBU Advisory - This advisory
describes two buffer over-read vulnerabilities in the WIBU CodeMeter Runtime
Server.
Hitachi ABB Advisory - This advisory
describes an insufficiently protected credentials vulnerability in the Hitachi
ABB Power Grids eSOMS product.
Mitsubishi Update - This update provides additional information on an advisory that was originally published on February 18th, 2021 and most recently updated on May 27th, 2021.
For more detail on the advisories, including links to proof-of-concept
code, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-809
- subscription required.
Posts
No comments:
Post a Comment