Today, CISA’s NCCIC-ICS published three control system
security advisories for products from Rockwell Automation and Hitachi Energy.
Rockwell Advisory - This advisory describes
a heap-based buffer overflow vulnerability in the Rockwell ThinManager
ThinServer, a thin client and remote desktop protocol (RDP) server management
software.
NOTE: I briefly discussed this vulnerability on Saturday.
Hitachi Advisory #1 - This advisory discusses
two vulnerabilities (one with known exploit) in the Hitachi Energy Lumada Asset
Performance Management (APM) Edge product.
NOTE: I briefly
discussed these vulnerabilities on July 30th, 2022.
Hitachi Advisory #2 - This advisory discusses
an improper input validation vulnerability in the Hitachi Energy AFS660/AFS665
industrial switches.
NOTE: I briefly
discussed these vulnerabilities on July 30th, 2022.
For more details on these advisories, including links to third-party advisories and exploits, see my Article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-9-27-22 - subscription required.
Posts
No comments:
Post a Comment