Thursday, March 9, 2023

Review – 5 Advisories Published – 3-9-23

Today, CISA’s NCCIC-ICS published five control system security advisories for products from Hitachi Energy, STEP, ABB, B&R Industrial Automation, and Akuvox.


Hitachi Energy Advisory - This advisory describes an insufficient verification of data authenticity vulnerability in the Hitachi Relion 670, 650, and SAM600-IO Series product lines.

STEP Tools Advisory - This advisory escribes a NULL pointer dereference vulnerability in the STEP Tools ifcmesh library.

ABB Advisory - This advisory describes an improper authentication vulnerability in the ABB Ability Symphony Plus S+ Operations products.

B&R Advisory - This advisory describes a cross-site scripting vulnerability in the B&R Systems Diagnostics Manager (SDM).

Akuvox Advisory - This advisory describes thirteen vulnerabilities in the Akuvox E11 video door phone system.


For more details about these advisories, including links to vendor advisories, researcher reports and exploits, see my article at CFSN Detailed Analysis - - subscription required.

No comments:

/* Use this with templates/template-twocol.html */