Happy Twosday! Today, CISA’s NCCIC-ICS published three control system security advisories for products from WIN-911 and GE (2).
WIN-911 Advisory - This advisory
describes two incorrect default permissions vulnerabilities in the WIN-911 2021
alarm notification platform.
NOTE: The WIN-911
advisory provides a good explanation of the how these two vulnerabilities
work.
GE Advisory #1 - This advisory
describes a clear-text transmission of sensitive information vulnerability in
the GE Proficy CIMPLICITY HMI and SCADA platform.
GE Advisory #2 - This advisory
describes an improper privilege management vulnerability in the GE Proficy
CIMPLICITY HMI and SCADA platform.
For additional details about these vulnerabilities, see my article
at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-2-22-22
- subscription required.
Posts
No comments:
Post a Comment