Tuesday, February 1, 2022

Review – 2 Advisory and 1 Update Published – 2-1-22

Today, CISA’s NCCIC-ICS published two control system security advisories for products from Advantech and Ricon. They also updated their Multiple Data Distribution System advisory.

Advantech Advisory - This advisory describes a use of hard-coded cryptographic key in the Advantech ADAM-3600 remote terminal unit.

Ricon Advisory - This advisory describes an OS command injection vulnerability in the Ricon S9922 series Industrial Cellular Router.

NOTE: I briefly discussed this vulnerability on July 10th, 2021.

Multiple DDS Update - This update provides additional information on an advisory that was originally published on November 11th, 2021.

NOTE: Alias Robotic recently published an updated report on these vulnerabilities.


For more details about these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisory-and-1-update-published - subscription required.

No comments:

/* Use this with templates/template-twocol.html */