Today, CISA’s NCCIC-ICS published two control system security advisories for products from Delta Electronics and CyberPower. They also updated (again) the advisory from Chirp Systems. I take another look at Brown’s statements about the Chirp Systems vulnerability.
Advisories
Delta Advisory - This
advisory
describes three vulnerabilities in the Delta DIAEnergie industrial energy
management system.
CyberPower Advisory - This advisory describes nine vulnerabilities in the CyberPower Power Panel product.
Updates
Chirp Systems Update -
This update
provides additional information on an advisory that was originally published on
March 7th, 2024 and most
recently updated on April 25th, 2024.
For more details about these vulnerabilities, including a
summary of changes made to the updated advisory and a commentary about the
differences between the researcher and vendor looks at the Chirp Systems
vulnerability, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-621
- subscription required.
No comments:
Post a Comment