Tuesday, November 2, 2021

Review – 1 Advisory and 1 Update Published – 11-2-21

Today CISA’s NCCIC-ICS published a control system security advisory for products from Johnson Controls. They also updated an advisory for products from WECON.

Johnson Controls Advisory - This advisory discussing a cross-site scripting vulnerability in the Johnson Controls (their American Dynamics brand) VideoEdge network video recorder.

WECON Update - This update provides additional information on an advisory that was originally published on October 4th, 2018.

For more information on the advisory and update, including link to exploit, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-advisory-and-1-update-published-b89 - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */