Today, CISA’s NCCIC-ICS published three control system security advisories for products from Delta Electronics, alpitronic, and Rockwell Automation. They also updated an advisory for products from Rockwell.
Advisories
Delta Advisory - This
advisory
discusses a deserialization of untrusted data vulnerability (that is listed in
CISA’s Known Exploited Vulnerabilities Catalog) in the Delta InfraSuite Device
Master.
Alpitronic Advisory - This advisory
describes a use of default credential vulnerability in the alpitronic Hypercharger
EV charger high power charging station.
Rockwell Advisory - This advisory discusses two vulnerabilities in the Rockwell FactoryTalk Historian SE data management application.
Updates
Rockwell Update -
This update
provides additional information on the ControlLogix and GuardLogix advisory
that was originally published on April 16th, 2024.
For more information on these advisories, including functioning
links to vendor advisories and a down-the-rabbit-hole look at remote fixes, see
my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-1-update-published-107
- subscription required.
Posts
No comments:
Post a Comment