Today CISA’s NCCIC-ICS published four control system security advisories for products from Schneider Electric, Rockwell Automation, Hitachi Energy, and ThreatQuotient. They also published a medical device security advisory for products from BD.
Advisories
Schneider Advisory -
This advisory
describes an improper input validation vulnerability in the Schneider Modicon
PLCs.
Hitachi Energy Advisory
- This advisory
discusses an improper input validation vulnerability in the Hitachi Energy TropOS
devices.
Rockwell Advisory -
This advisory
describes three vulnerabilities in the Rockwell PowerMonitor 1000 Remote
products.
ThreatQuotient
Advisory - This advisory
describes a command injection vulnerability in the ThreatQuotient ThreatQ
Platform.
BD Advisory - This
advisory
describes a use of default credentials vulnerability in multiple BD Diagnostic
Solutions products.
For more information on these vulnerabilities, including
links to 3rd party advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-published-12-17-24
- subscription required.
Posts
No comments:
Post a Comment