Today, CISA’s NCCIC-ICS published a control system security advisory for products from Rockwell Automation.
Rockwell Advisory
This advisory discusses Cisco IOS XE Software Web UI privilege escalation vulnerability in the Rockwell Stratix 5200 and 5800 products. The vulnerability is listed in the CISA Known Exploited Vulnerability Catalog. Rockwell provides generic mitigation measures, pending development of a fix.
NCCIC-ICS reports that a relatively low-skilled attacker could use an existing exploit to exploit the vulnerability to allow an unauthenticated attacker to take control of the affected system.
NOTE: I briefly
discussed the Rockwell report on this vulnerability on Saturday.
No comments:
Post a Comment