Thursday, May 2, 2024

Review – 2 Advisories and 1 Update Published – 5-2-24

Today, CISA’s NCCIC-ICS published two control system security advisories for products from Delta Electronics and CyberPower.  They also updated (again) the advisory from Chirp Systems. I take another look at Brown’s statements about the Chirp Systems vulnerability.

Advisories

Delta Advisory - This advisory describes three vulnerabilities in the Delta DIAEnergie industrial energy management system.

CyberPower Advisory - This advisory describes nine vulnerabilities in the CyberPower Power Panel product.

Updates

Chirp Systems Update - This update provides additional information on an advisory that was originally published on March 7th, 2024 and  most recently updated on April 25th, 2024.

 

For more details about these vulnerabilities, including a summary of changes made to the updated advisory and a commentary about the differences between the researcher and vendor looks at the Chirp Systems vulnerability, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-621 - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */