Today, CISA’s NCCIC-ICS published a control system security advisory for products from Rockwell Automation. They also updated two advisories for products from Mitsubishi. Mitsubishi published four other updates this week, I will cover them this weekend.
Rockwell Advisory - This advisory
describes a type confusion vulnerability in the FactoryTalk Software, Enhanced
HIM for PowerFlex, and Connected Components Workbench.
NOTE: I briefly
discussed this vulnerability on July 16th, 2022.
Mitsubishi Update #1 - This update
provides additional information on an advisory that was originally
published on December 16th, 2021 and most
recently updated on June 30th, 2022.
Mitsubishi Update #2 - This update
provides additional information on an advisory that was originally
published on July 30th, 2020 and most
recently updated on May 31st, 2022.
For more details on the advisory and update, including link
to 3rd-party advisory, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-advisory-and-2-updates-published-d3c
- subscription required.
Posts
No comments:
Post a Comment