Thursday, June 6, 2024

Review – 4 Advisories Published – 6-6-24

Today, CISA’s NCCIC-ICS published four control system security advisories for products from Johnson Control, Mitsubishi Electric, and Emerson (2).

Advisories

Johnson Controls Advisory - This advisory describes a missing authentication for critical function vulnerability in the Johnson Control Software House iStar Pro Door Controller, ICU.

Mitsubishi Advisory - This advisory discusses an allocation of resources without limit or throttling vulnerability in the Mitsubishi CC-Link IE TSN Industrial Managed Switch.

Emerson Advisory #1 - This advisory describes two vulnerabilities in the Emerson Ovation distributed control system.

Emerson Advisory #2 - This advisory describes four vulnerabilities in the Emerson PACSystem, Fanuc products.

 

For more information about these advisories, including a brief reprise of earlier discussions about the OT:ICEFALL report that included today’s Emerson vulnerabilities, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-6-6-24 - subscription required.

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */