Tuesday, October 12, 2021

Review - 3 Advisories Published – 10-12-21

Today CISA’s NCCIC-ICS published three control system security advisories for products from Schneider and Advantech (2).

Schneider Advisory - This advisory describes four vulnerabilities in the Schneider Interactive Graphical SCADA System (IGSS).

Advantech Advisory #1 - This advisory describes two vulnerabilities in the Advantech WebAccess HMI platform.

Advantech Advisory #2 - This advisory describes a missing authorization vulnerability in the Advantec WebAccess/SCADA.

Commentary

This is the first time since Siemens joined the 2nd Tuesday Club that ICS has not published a swath of Siemens advisories and updates. I suspect that this was at least partially caused by yesterday’s holiday. I expect that NCCIC-ICS will publish their advisories on Thursday.

For more details on today’s advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-10-12-21 - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */