Tuesday, July 25, 2023

Review – 4 Advisories Published – 7-25-23

Today, CISA’s NCCIC-ICS published four control system security advisories for products from Johnson Controls, Emerson, Rockwell Automation, and AXIS.

Advisories

Johnson Controls Advisory - The advisory describes an improper restrictions of excessive authentication attempts vulnerability in the Johnson Controls IQ Wifi 6 mesh router.

Emerson Advisory - The advisory describes an authentication bypass by primary weakness vulnerability in the Emerson ROC800-Series RTU and DL8000 Preset Controllers.

Rockwell Advisory - The advisory that describes a relative path traversal vulnerability in the Rockwell ThinManager ThinServer.

AXIS Advisory - The advisory describes a heap-based buffer overflow vulnerability in the AXIS A1001 network door controller.

 

For more details about these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-7-25-23 - subscription required.

Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */