Today, CISA’s NCCIC-ICS published both a control system security advisory and an update for a previously published advisory for products from Delta Electronics.
Delta Advisory - This advisory
describes 17 vulnerabilities in the Delta DIAEnergie.
NOTE: Heinzl’s advisories (see here for example) provide a description of an extremely
long coordination exercise with NCCIC-ICS to get Delta to complete work on the
fix for these vulnerabilities.
Delta Update - This update provides additional information on an advisory that was originally published on August 26th, 2021 and most recently updated on December 16th, 2021.
For more details on these advisories, including links to
researcher reports and reports on 12 additional SQL injection vulnerabilities
in the products covered by today’s new advisory, see my article at CFSN
Detailed Analysis - - subscription required.
Posts
No comments:
Post a Comment