Today, CISA’s NCCIC-ICS published five control system security advisories for products from Kieback&Peter, HMS, Mitsubishi Electric, LCDS, and Elvaco. They also published updates for products from goTenna.
Advisories
Kieback&Peter
Advisory - This advisory
describes three vulnerabilities in the Kieback&Peter DDC4000 series building
automation controllers.
HMS Advisory - This
advisory
describes an insufficiently protected credentials vulnerability in the HMS WON
FLEXY 202 industrial modular gateway.
Mitsubishi Advisory -
This advisory
describes an improper validation of specified quantity in input vulnerability
in the Mitsubishi CNC products.
LCDS Advisory - This
advisory
describes a cross-site scripting vulnerability in the LCDS LAquis SCADA HMI
program.
Elvaco Advisory - This advisory describes four vulnerabilities in the Elvaco CMe3100 metering gateway.
Updates
GoTenna Update #1 -
This update
provides additional information on the Pro ATAK Plugin advisory that was
originally published on September 26th, 2024.
GoTenna Update #2 -
This update
provides additional information on the Pro X and Pro X2 advisory that was originally
published on September 26th, 2024.
For more information on these advisories see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-and-2-updates-published-bb1
- subscription required.
Posts
No comments:
Post a Comment