Review – 3 Advisories Published – 10-11-22

Today, CISA’s NCCIC-ICS published three controls system security advisories for products from Johnson Controls, Daikin Holdings and Altair.

Johnson Control Advisory - This advisory describes an observable response discrepancy vulnerability in the Johnson Controls C-CURE 9000 security management system.

Daikin Advisory - This advisory describes two vulnerabilities in the Daikin SVMPC1 and SVMPC2 remote controllers.

Altair Advisory - This advisory describes four vulnerabilities in the Altair HyperView Player.

 

For more details about these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-10-11-22 - subscription required.