Tuesday, December 12, 2023

Review – 1 Advisory and 1 Update Published

Today, CISA’s NCCIC-ICS published one control system security advisory for products from Schneider Electric. They also updated an advisory for products from Mitsubishi Electric.

NOTE: Schneider published two other advisories and an update today. If not addressed by CISA on Thursday, I will cover them this weekend.


Schneider Advisory - This advisory describes a path traversal vulnerability in the Schneider Easy UPS Online Monitoring Software.


Mitsubishi Update - This update provides additional information on the MELSEC iQ-R, iQ-L Series and MELIPC Series advisory that was originally published on December 22nd, 2022, and most recently updated on July 13th, 2023.


For more information on these advisories, including a brief summary of changes made in the update, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-advisory-and-1-update-published-581 - subscription required.


No comments:

/* Use this with templates/template-twocol.html */