Review – 2 Advisories Published – 1-7-25

Today CISA’s NCCIC-ICS published two control system security advisories for products from Nedap and ABB.

Advisories

Nedap Advisory - This advisory describes a missing authentication for critical function vulnerability in the Nedap Librix Ecoreader.

ABB Advisory - This advisory describes 26 vulnerabilities (all with publicly available exploits) in the ABB ASPECT-Enterprise, NEXUS, and MATRIX series products.

 

For more information on these advisories, including a down-the-rabbit-hole look at the ABB vulnerabilities, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-published-1-7-25 - subscription required.