Tuesday, December 21, 2021

Review - 5 Advisories and 1 Update Published – 12-21-21

Today, CISA’s NCCIC-ICS published four control system security advisories for products from Emerson, WECON, Horner Automation, and mySCADA. They published one medical device security advisory for products from Fresenius Kabi. They also updated a control system security advisory from Schneider.

Emerson Advisory - This advisory describes two vulnerabilities in the Emerson DeltaV distributed control system.

WECON Advisory - This advisory describes two vulnerabilities in the WECON LeviStudioU HMI programming software.

Horner Advisory - This advisory describes an improper input validation vulnerability in the Horner Cscape EnvisionRV remote viewing software.

mySCADA Advisory - This advisory describes eight vulnerabilities in the mySCADA myPRO HMI/SCADA.

Fresenius Advisory -  This medical device advisory describes thirteen vulnerabilities in the Fresenius Kabi Agilia Connect Infusion System.

Schneider Update - This update provides additional information on an advisory that was originally published on December 14th, 2021.

For more details about these advisories, including an exploit link, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-and-1-update-published - subscription required.

No comments:

/* Use this with templates/template-twocol.html */