Tuesday, November 1, 2022

Review - 1 Update Published – 1-11-22

Today, CISA’s NCCIC-ICS published an update for a control system security advisory for products from Mitsubishi. I also look at the current state of the response to the OT:ICEFALL report.

Mitsubishi Update - This update provides additional information on an advisory that was originally published on August 9th, 2022 and most recently updated on August 30th, 2022.


Back in June Forescout’s Vedere Labs published their report on OT:ICEFALL. Readers will likely remember that the report identified 56 vulnerabilities over control system products from nine different vendors. CISA’s NCCIC-ICS did not publish an alert when Forescout’s report was published (even though it contained proof-of-concept code); instead, they approached the individual vendors and attempted to coordinate disclosure on the individual product lines.

Starting on June 21st CISA began issuing what has been to date 18 advisories with the latest one being issued on August 30th. While that covers all of the vendors listed in the Vedere Labs report, it does not address all of the vulnerabilities, nor have I found vendor advisories that cover the 12 vulnerabilities not yet covered by NCCIC-ICS.

For more details about the advisory and the OT:ICEFALL status, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-update-published-1-11-22 - subscription required.

No comments:

/* Use this with templates/template-twocol.html */