Today CISA’s NCCIC-ICS published four control system security advisories for products from ABB, Schneider, and Siemens (2). They also updated an advisory for products from Schneider.
Advisories
ABB Advisory - This
advisory
discusses 15 vulnerabilities in the ABB MV Drives products.
Schneider Advisory -
This advisory
describes an exposure of sensitive information to an unauthorized actor
vulnerability in the Schneider Wiser Home Controller.
Siemens Advisory #1 -
This advisory
describes an improper handling of length parameter inconsistency in the Siemens
TeleControl Server Basic.
Siemens Advisory #2 - This advisory describes 67 SQL injection vulnerabilities in the Siemens TeleControl Server Basic.
Updates
Schneider Update -
This update
provides additional information on the Modicon M580 PLCs advisory that was
originally published on February 4th, 2025.
For more information on these advisories, see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/publish/post/161915633
- subscription required.
Posts
No comments:
Post a Comment