Thursday, October 27, 2022

Review – 4 Advisories Published – 10-27-22

Today, CISA’s NCCIC-ICS published four control system security advisories for products from Trihedral, Rockwell Automation (2), and SAUTER.

Trihedral Advisory - This advisory describes an improper input validation vulnerability in the Trihedral VTScada.

Rockwell Advisory #1 - This advisory discusses nine vulnerabilities (one with a known exploit) in the Rockwell Stratix Devices.

Rockwell Advisory #2 - This advisory describes an improper access control vulnerability in the Rockwell FactoryTalk Alarm and Events Server.

SAUTER Advisory - This advisory describes a cross-site scripting vulnerability in the SAUTER moduWeb.

 

For more details about these advisories, including links to 3rd party advisories and exploits, see my article in CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-10-27-22 - subscription required.

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */