Today, CISA’s NCCIC-ICS published five control system security advisories for products from Delta Industrial, Rockwell Automation (2), ARC, and Fuji Electric. They also updated an advisory for products from Prosys.
Advisories
Delta Advisory - This
advisory
describes a command injection vulnerability in the Delta DX-3021 4G Router.
Rockwell Advisory #1 -
This advisory
two vulnerabilities in the Rockwell MicroLogix—a line of programmable logic
controllers (PLCs).
NOTE – I briefly
discussed these vulnerabilities Sunday.
Rockwell Advisory #2 -
This advisory
describes an improper input validation vulnerability in the Rockwell GuardLogix
and ControlLogix controllers.
NOTE – I briefly
discussed these vulnerabilities Sunday.
ARC Advisory - This
advisory
describes two vulnerabilities in the ARC PcVue SCADA software. The vulnerabilities
are self-reported.
NOTE: I briefly
discussed one of the vulnerabilities on November 26th, 2022.
Fuji Advisor - This advisory describes two vulnerabilities in the Fuji Electric Tellus Lite V-Simulator.
Update
Prosys Update - This
update
provides additional information on an advisory that was originally
published on December 15th, 2022.
For more details about these vulnerabilities, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-and-1-update-published-462 - subscription required.
Posts
No comments:
Post a Comment