Today CISA’s NCCIC-ICS published three control system security advisories for products from Mitsubishi Electric, Hitachi Energy, and Horner Automation. They also published a medical device security advisory for products from Pixmeo. Finally, the updated an advisory for products from Hitachi Energy.
Advisories
Mitsubishi Advisory -
This advisory
describes an improper validation of quantity in input vulnerability in the
Mitsubishi CC-Link IE TSN modules.
Hitachi Energy
Advisory - This advisory
discusses three vulnerabilities in the Hitachi Energy RTU500 series products.
Horner Advisory -
This advisory
describes an out-of-bounds read vulnerability in the Horner Cscape control
system application programming software.
Pixmeo Advisory - This advisory describes three vulnerabilities in the Pixmeo OsiriX MD medical images viewer.
UPDATES
Hitachi Energy Update
- This update
provides additional information on the RTU500 Series advisory that was
originally published on April 3rd, 2025.
For more information on these advisories, including links to
researcher reports as well as references to earlier discussions about the
reported vulnerabilities, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-and-1-update-published-6e1
- subscription required.
Posts
No comments:
Post a Comment