Review - 1 Advisory Published – 2-14-23

Today, CISA’s NCCIC-ICS published a control system security advisory for products from Weintek.

Weintek Advisory - This advisory describes a path traversal vulnerability in the Weintek EasyBuilder Pro project management software.

 

For more details on this advisory, and a down-the-rabbit-hole look at the 2019 bug that allowed researchers to develop proof-of-concept code for the Weintek vulnerability, see my article at CFSN Detailed Analysis - - subscription required.