Today, CISA’s NCCIC-ICS published four control system security advisories for products from Digi International, PTC, GE Digital, and ARDEREG.
Advisories
Digi Advisory - This
advisory
describes a use of password hash instead of password for authentication
vulnerability in the Digi RealPort Protocol.
PTC Advisory - This
advisory
describes four vulnerabilities in the PTC Kepware KepServerEX.
GE Advisory - This
advisory
describes a process control vulnerability in the GE CIMPLICITY 2023 product.
ARDEREG Advisory -
This advisory
describes an SQL injection vulnerability in the ARDEREG Sistemas SCADA.
For more details on these advisories, including links to
researcher reports and a down-the-rabbit-hole look at the Digi advisory, see my
article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-8-31-23
- subscription required.
Posts
No comments:
Post a Comment