Tuesday, March 5, 2024

Review – 2 Advisories and 1 Update Published – 3-5-24

Today, CISA’s NCCIC-ICS published a control system security advisory for products from Nice and a medical device control system security advisory for products from Santesoft. They also updated a security advisory for products from Integration Objects. CISA also added a surveillance product vulnerability to their Known Exploited Vulnerabilities (KEV) catalog for products from Sunhillo.


Nice Advisory - This advisory describes 12 vulnerabilities in the Nice Linear eMerge E3-Series access control products.

Santesoft Advisory - This advisory describes an out-of-bounds read vulnerability in the Santesoft Sante FFT Imaging product.


Integration Update - This update provides additional information on the OPC UA Server Toolkit advisory that was originally published on January 16th, 2024.


New KEV Lising - CISA added CVE-2021-36380 Sunhillo SureLine OS command injection vulnerability to the KEV catalog.


For more information about these advisories, including links to researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-c77 - subscription required.

No comments:

/* Use this with templates/template-twocol.html */