Earlier this week I reported on four new CISA NCCIC-ICS control system security advisories published on Tuesday. Unfortunately, I relied on the CISA listing of new advisories/updates listed on the ICS-CERT Advisories page, which still just shows those advisories upon which I reported.
This morning, while checking my TWITTER® feed, I clicked on the link in an
@ICS-CERT tweet about Tuesday’s
advisories to a report on the National Cyber Awareness System about “CISA
Releases Five Industrial Control Systems Advisories”. That page lists the
four previously mentioned advisories plus an update for ICSA-20-324-02 Paradox
IP150 (Update A). So here is my reporting on that update, sorry about the
delay.
Paradox Update
This update provides additional information on an advisory
that was originally
published on November 17th, 2020 (not 2021 as reported in the
latest update). The new information includes reporting that all firmware
versions of the IP150 internet module are affected by the vulnerabilities.
Interestingly, CISA did not remove the original listing of ‘firmware Version
5.02.09’ from the listing of ‘Affected Products’.
Posts
No comments:
Post a Comment