Today, CISA’s NCCIC-ICS published four control system security advisories for products from Hitachi Energy, Honeywell, Kingspan, and Delta Industrial Automation.
Hitachi Energy Advisory - This advisory discusses
an off-by-one error vulnerability with known exploits in the Hitachi Energy TXpert
Hub CoreTec 4 digital transformer monitoring and diagnostics device.
NOTE: I briefly
discussed this vulnerability on May 14th, 2022.
Honeywell Advisory - This advisory describes
two vulnerabilities in the Honeywell SoftMaster desktop PLC application.
Kingspan Advisory - This advisory describes
an improper authentication vulnerability in the Kingspan TMS300 CS water tank management
system.
Delta Advisory - This advisory describes
a use of hard-coded credentials vulnerability in the Delta DIAEnergie
industrial energy management system.
For more details on these advisories, including links to
third-party advisories and exploits, see my article at CFSN Detailed Analysis -
https://patrickcoyle.substack.com/p/4-advisories-published-9-13-22
- subscription required.
Posts
No comments:
Post a Comment