Today, CISA’s NCCIC-ICS published five control system security advisories for products from Delta Electronics (3), Baicells Technologies, and Mitsubishi Electric. They also updated an advisory for Mitsubishi.
Advisories
Delta Advisory #1 - This advisory describes
two vulnerabilities with known exploits in the Delta DX-2100-L1-CN industrial
ethernet router.
NOTE: I briefly
discussed the vulnerabilities on December 10th, 2022.
Delta Advisory #2 -
This advisory
describes an OS command injection vulnerability with known exploit in the Delta
DVW-W02W2-E2 industrial ethernet router.
NOTE: I briefly
discussed the vulnerabilities on December 10th, 2022.
Delta Advisory #3 -
This advisory
describes three vulnerabilities in the Delta DIAScreen software configuration
tool for Delta devices.
Baicells Advisory -
This advisory
describes a command injection vulnerability in the Baicells Nova LTE TDD eNodeB
devices.
NOTE: Baicells recently reported
another vulnerability that has not been reported by NCCIC-ICS. I will report on
it this weekend.
Mitsubishi Advisory - This advisory describes two vulnerabilities in the Mitsubishi GOT Mobile Function on GOT2000 Series and GT SoftGOT2000.
Updates
Mitsubishi Update -
This update
provides additional information on an advisory that was originally
published on August 9th, 2022 and most
recently updated on November 1st, 2022.
For more information on these advisories, including links to
researcher reports, see my article on CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-and-1-update-published-0b1
- subscription required.
Posts
No comments:
Post a Comment