Today, CISA’s NCCIC-ICS published six control system security advisories for products from Rockwell Automation, CODESYS (3), Opto 22, and KNX Association.
Advisories
Rockwell Advisory -
This advisory
discusses an out-of-bounds write vulnerability in select Input/Output Modules
from Rockwell.
CODESYS Advisory #1 -
This advisory
describes an insufficient verification of data authenticity vulnerability in
the CODESYS Development System.
CODESYS Advisory #2 -
This advisory
describes an insufficient verification of data authenticity vulnerability in
the CODESYS Development System.
CODESYS Advisory #3 -
This advisory
describes an uncontrolled search path element vulnerability in the CODESYS
Development System.
Opto 22 Advisory - This advisory
describes 5 vulnerabilities in the Opto 22 SNAP PAC S1 product.
KNX Protocol Advisory
- This advisory
describes an overly restrictive account lockout mechanism vulnerability in the
KNX Protocol.
For more details about these advisories, including links to
researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/six-advisories-published-8-24-23
- subscription required.
Posts
No comments:
Post a Comment