Today CISA’s NCCIC-ICS published four controls system security advisories for products from Dover Fueling Solutions, Fuji Electric, LS Electric, and Siemens. They also updated an advisory for products from Siemens. I also take a down-the-rabbit-hole look at the significance of the Siemens update.
Advisories
Dover Fueling
Advisory - This advisory
describes a missing authentication for critical function vulnerability in the
Dover ProGauge MagLink LX fuel and water tank monitor.
Fuji Advisory - This
advisory
describes three vulnerabilities in the Fuji Smart Editor.
LS Electric Advisory -
This advisory
describes three vulnerabilities in the LS Electric GMWin 4 programming software
tool.
Siemens Advisory - This advisory describes a zip path traversal vulnerability in the Siemens Mendix Studio Pro integrated development environment.
Updates
Siemens Update - This update provides additional information on the SENTRON Powercenter 1000 advisory that was originally published on December 12th, 2024.
For more information on these advisories, including a
down-the-rabbit-hole look at an unusual Siemens update, see my article at CFSN Detailed
Analysis - https://patrickcoyle.substack.com/p/4-advisories-and-1-update-published-9d0
- subscription required.
Posts
No comments:
Post a Comment