Today CISA’s NCCIC-ICS published four control system security advisories for products from Yokogawa and Schneider (3). They also updated two previously published Schneider advisories.
Advisories
Yokogawa Advisory -
This advisory
describes a missing authentication for critical function vulnerability in the
Yokogawa recorder products.
Schneider Advisory #1
- This advisory
describes two vulnerabilities in the Schneider ConneXium Network Manager.
Schneider Advisory #2
- This advisory
describes six vulnerabilities in the Schneider Electric Sage Series RTU’s.
Schneider Advisory #3 - This advisory describes three vulnerabilities in the Schneider Trio Q Licensed Data Radios.
Updates
Schneider Update #1 -
This update
provides additional information on the Modicon M580 and Quantum Controllers
advisory that was originally published on February 27th, 2025.
Schneider Update #2 -
This update
provides additional information on the M340, MC80, and Momentum Unity M1E advisory
that was originally published on November 21st, 2024.
For more information on these advisories, see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-and-2-updates-published-e1d
- subscription required.
Posts
No comments:
Post a Comment