Today, CISA’s NCCIC-ICS published four control system
security advisories for products from Hitachi Energy, Cognex, AVEVA, and
Triangle Microworks. They also updated an advisory for products from Delta
Electronics.
Hitachi Advisory - This advisory describes
three vulnerabilities in the Hitachi Energy TXpert Hub CoreTec 4 digital
transformer monitoring and diagnostics device.
NOTE: I briefly
discussed the vulnerabilities on May 14th, 2022.
Cognex Advisory - This advisory describes
three vulnerabilities in the Cognex 3D-A1000 Dimensioning System, an industrial
smart camera.
AVEVA Advisory - This advisory describes
six vulnerabilities in the AVEVA Edge (formerly InduSoft Web Studio).
NOTE: I briefly
discussed these vulnerabilities on August 20th, 2022.
Triangle Microworks Advisory - This advisory describes
an access of uninitialized pointer vulnerabilities in the Triangle Microworks TMW
IEC 61850 and TMW IEC 60870-6 (ICCP/TASE.2) Software Libraries.
Delta Update - This update
provides additional information on an advisory that was originally
published on September 9th, 2021.
For more details about these advisories, including links to
researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-and-1-update-published-ee3
- subscription required.
Posts
No comments:
Post a Comment