Tuesday, December 14, 2021

Review - 2 Advisories and 1 Update Published – 12-14-21

Today, CISA’s NCCIC-ICS published two control system security advisories for products from Schneider Electric and Advantech. They also updated a medical device security advisory for products from Hillrom.

Schneider Advisory - This advisory describes a cross-site scripting vulnerability in the Schneider Rack Power Distribution Unit (PDU).

Advantech Advisory - This advisory describes 26 vulnerabilities in the Advantech R-SeeNet.

NOTE: I briefly reported on these vulnerabilities on November 27th, 2021.

Hillrom Update - This update provides additional information on an advisory that was originally published on June 1st, 2021.

For additional details on these advisories, including links to the researcher reports wit POC code, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-ade - subscription required.

No comments:

/* Use this with templates/template-twocol.html */