Thursday, June 12, 2025

Review – Advisories Published – 6-12-25

Today CISA’s NCCIC-ICS published 10 control system security advisories for products from PTZOptics, AVEVA (3), and Siemens (6).

Advisories

PTZOptics Advisory - This advisory describes four vulnerabilities in multiple PTZOptics cameras.

AVEVA Advisory #1 - This advisory describes two vulnerabilities in the AVEVA PI Connector for CygNet.

AVEVA Advisory #2 - This advisory describes a cross-site scripting vulnerability in the AVEVA PI Web API.

AVEVA Advisory #3 - This advisory describes two uncaught exception vulnerabilities in the AVEVA PI Data Archive.

Energy Services Advisory - This advisory describes an incorrect default permissions vulnerability in the Siemens Energy Services products using the Elspec G5 Digital Fault Recorder.

SIMATICS Advisory - This advisory discusses 63 vulnerabilities in the Siemens SIMATIC S7-1500 CPU family.

SCALANCE Advisory #1 - This advisory describes three vulnerabilities in the Siemens SCALANCE and RUGGEDCOM products.

RUGGEDCOM Advisory - This advisory discusses a cross-site scripting vulnerability in the Siemens RUGGEDCOM APE1808.

Tecnomatix Advisory - This advisory describes an out-of-bounds read vulnerability in the Siemens Tecnomatix Plant Simulation V2404.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/advisories-published-6-12-25 - subscription required.
