Today, CISA’s NCCIC-ICS published three control system security advisories for products from Hitachi Energy, Johnson Controls and Delta Electronics.
Hitachi Energy Advisory - This advisory
describes nine vulnerabilities (six with known exploits) in the Hitachi Energy
MicroSCADA Pro/X SYS600. These are third-party vulnerabilities.
NOTE: I briefly discussed
these vulnerabilities on January 22nd, 2022.
Johnson Controls Advisory - This advisory
describes a server-side request forgery in the Johnson Controls Metasys SCT and
SCT Pro building automation software.
Delta Advisory - This advisory
describes two vulnerabilities in the Delta ASDA-Soft servo software.
For more details about these advisories, including links to
3rd party advisories and exploits, see my article at CFSN Detailed
Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-4-21-22
- subscription required.
Posts
No comments:
Post a Comment