Today, CISA’s NCCIC-ICS published three control system security advisories for products from Deep Sea Electronics, iniNet Solutions and VIMESA. They also updated an advisory for products from OMNTEC.
Advisories
Deep Sea Advisory -
This advisory
describes a missing authentication for critical function vulnerability in the
Deep Sea DSE855 ethernet communications device.
iniNet Advisory -
This advisory
describes a path traversal vulnerability in the iniNet SpiderControl SCADA PC
HMI Editor software management platform.
VIMESA Advisory - This advisory describes an improper access control vulnerability in the VIMESA VHF/FM Transmitter Blue Plus.
Updates
OMNTEC Update - This
update
provides additional information on the Proteus Tank Monitoring advisory that
was originally published on September 24th, 2024.
For more details about these advisories, including a down-the-rabbit-hole
look at additional Deep Sea vulnerabilities, see my article at CFSN Detailed
Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-1-update-published-81e
- subscription required.
Posts
No comments:
Post a Comment