Today, CISA’s NCCIC-ICS published a control system security advisory for products from Nice and a medical device control system security advisory for products from Santesoft. They also updated a security advisory for products from Integration Objects. CISA also added a surveillance product vulnerability to their Known Exploited Vulnerabilities (KEV) catalog for products from Sunhillo.
Advisories
Nice Advisory - This
advisory
describes 12 vulnerabilities in the Nice Linear eMerge E3-Series access control
products.
Santesoft Advisory - This advisory describes an out-of-bounds read vulnerability in the Santesoft Sante FFT Imaging product.
Updates
Integration Update - This update provides additional information on the OPC UA Server Toolkit advisory that was originally published on January 16th, 2024.
KEV
New KEV Lising - CISA added CVE-2021-36380 Sunhillo
SureLine OS command injection vulnerability to the KEV catalog.
For more information about these advisories, including links
to researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-c77
- subscription required.
Posts
No comments:
Post a Comment