Tuesday, March 12, 2024

Review – 1 Advisory Published – 3-12-24

Today, CISA’s NCCIC-ICS published one control system security advisory for products from Schneider Electric. Schneider published two other new advisories today (in addition to this one) and four updates. I will be covering those this weekend.


Schneider Advisory - This advisory describes a deserialization of untrusted data vulnerability in the Schneider EcoStruxure Power Design - Ecodial NL, INT, and FR products.


For more information on this advisory, including looking at the recommended ‘compute a hash’ value for project files, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-advisory-published-3-12-24 - subscription required.

No comments:

/* Use this with templates/template-twocol.html */