Today, CISA’s NCCIC-ICS published three control system security advisories for products from Mitsubishi Electric, Meridian Cooperative, and Johnson Controls.
Mitsubishi Advisory - This advisory describes
improper input validation vulnerability in the Mitsubishi MELSEC-Q/L Series and
iQ-R Series interface modules.
Meridian Advisory - This advisory describes
an improper access control vulnerability in the Meridian utility software. The
vulnerability was reported by Brandon Roach.
Johnson Controls - This advisory describes
three vulnerabilities in the Johnson Controls Metasys ADS/ADX/OAS Servers.
For more details on these advisories as well as a Down the
Rabbit Hole look at ADS/ADX/OAS Servers vulnerabilities, see my article at CFSN
Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-6-14-22
- subscription required.
Posts
No comments:
Post a Comment