Review – 3 Advisories Published – 7-18-24

Today, CISA’s NCCIC-ICS published two control system security advisories for products from Subnet Solutions and Mitsubishi Electric. They also published a medical device security advisory for products from Philips.

Advisories

Subnet Advisory - This advisory discusses a prototype pollution vulnerability with known exploits in the Subnet PowerSYSTEM Center.

Mitsubishi Advisory - This advisory discusses an improper verification of cryptographic signature vulnerability in the Mitsubishi MELSOFT MaiLab.

Philips Advisory - This advisory discusses 13 vulnerabilities (2 with known exploits) in the Philips Vue PACS product.

 

For more information on these advisories, including links to 3rd party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-7-18-24 - subscription required.