Today, CISA’s NCCIC-ICS published three control system
security advisories for products from ICONICS, mySCADA, and Johnson Controls.
They also updated advisories for products from Johnson Controls.
Advisories
ICONICS Advisory -
This advisory
discusses five vulnerabilities (one with known exploit) in the ICONICS product
suite.
mySCADA Advisory -
This advisory
describes a use of hard-coded credentials vulnerability in the mySCADA myPRO
product.
Johnson Controls Advisory - This advisory describes an exposure of sensitive information to an unauthorized actor vulnerability in the Johnson Controls Kantech KT series door controllers.
Updates
Johnson Controls
Update #1 - This update
provides additional information on the Johnson Controls Illustra Essentials Gen
4 advisory that was originally published on June 27th, 2024.
Johnson Controls
Update #2 - This update
provides additional information on the Johnson Controls Illustra Essentials Gen
4 advisory that was originally published on June 27th, 2024.
Johnson Controls
update #3 - This update
provides additional information on the Johnson Controls Illustra Essentials Gen
4 advisory that was originally published on June 27th, 2024.
Johnson Controls Update #4 - This update provides additional information on the Johnson Controls Illustra Essentials Gen 4 advisory that was originally published on June 27th, 2024.
For more information on these advisories, including links to
3rd party advisories, exploits, and a brief look at the timing of
the Johnson Controls updates, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-4-updates-published-026
- subscription required.
Posts
No comments:
Post a Comment