Thursday, May 29, 2025

Review – 5 Advisories Published – 5-29-25

Today CISA’s NCCIC-ICS published four control system security advisories for products from Instantel, Consilium Safety, and Siemens (2). They also published a medical device security advisory for products from Santesoft.

Advisories

Instantel Advisory - This advisory describes a missing authentication for critical function vulnerability in the Instantel Micromate monitoring device.

Consilium Advisory - This advisory describes two vulnerabilities in the Consilium S5000 Fire Panel.

Siemens Advisory #1 - This advisory describes an out-of-bounds read vulnerability in the Siemens SiPass integrated products.

Siemens Advisory #2 - This advisory describes an improper verification of cryptographic signature vulnerability in the Siemens SiPass integrated products.

Santesoft Advisory - This advisory describes an out-of-bounds read vulnerability in the Santesoft Sante DICOM Viewer Pro.

For more information on these advisories, including links to researcher reports, as well as a down-the-rabbit-hole look at the Consilium vulnerability, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-published-5-29-25 - subscription required.
