Review – 3 Advisories Published – 5-6-25

Today CISA’s NCCIC-ICS published three control system security advisories for products from BrightSign, Milesight, and Optigo Networks.

Advisories

BrightSign Advisory - This advisory describes an execution with unnecessary privileges vulnerability in the BrightSign OS.

Milesight Advisory - This advisory describes an improper access control for volatile memory containing boot code vulnerability in the Milesight UG65-868M-EA industrial gateway.

Optigo Advisory - This advisory describes a use of hard-coded credentials vulnerability in the Optigo ONS NC600 network controller.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-5-6-25 - subscription required.