Thursday, December 9, 2021

Review - 3 Advisories Published – 12-9-21

Today, CISA’s NCCIC-ICS published two control system security advisories for products from WECON and Hitachi Energy and a medical device security advisory for products from Hillrom.

WECON Advisory - This advisory describes a stack-based buffer overflow in the WECON LeviStudioU HMI.

Hitachi Energy Advisory - This advisory describes an improper access control in the Hitachi Energy GMS600, PWC600, and Relion 670/650/SAM600-IO products.

NOTE: Hitachi Energy published separate advisories for each of the affected product lines. I briefly reported on those advisories back on November 6th, 2021.

Hillrom Advisory - This advisory describes an authentication bypass using an alternate path or channel vulnerability in the Hillrom Welch Allyn Cardio Products.

For more details about those advisories, see my article at CFSN Detailed Analysis - - subscription required.

No comments:

/* Use this with templates/template-twocol.html */