Today, CISA’s NCCIC-ICS published three control system security advisories for products from IDEC, Fernhill and Omron. They also published a medical device security advisory for products from Philips.
IDEC Advisory - This advisory
describes four vulnerabilities in the IDEC PLC’s.
NOTE 1: I briefly
reported on these vulnerabilities on December 25th, 2021.
Fernhill Advisory - This advisory
describes an uncontrolled resource consumption vulnerability in the Fernhill
SCADA Server.
Omron Advisory - This advisory
describes a stack-based buffer overflow vulnerability in the Omron CX-One
automation software.
Philips Advisory - This advisory describes an improper access control vulnerability in the Philips Engage customer support software platform.
For more details about these advisories, see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-1-6-22
- subscription required.
Posts
No comments:
Post a Comment