Thursday, July 17, 2025

Review – 2 Advisories and 1Update Published – 7-17-25

Today CISA’s NCCIC-ICS published a control system security advisory for products from Leviton and a medical device security advisory for products from Panoramic Corp. There is an update for a previously released control system advisory for products from Johnson Controls.

Advisories

Leviton Advisory - This advisory describes a cross-site scripting vulnerability in the Leviton AcquiSuite and Energy Monitoring Hub products.

Panoramic Advisory - This advisory discusses an uncontrolled search path element vulnerability (with a publicly available exploit) in the Panoramic (dental) Digital Imaging Software.

Updates

Johnson Controls Update - This update provides additional information on the C●CURE 9000 advisory that was originally published on July 9th, 2024, and most recently updated on January 16th, 2025.

 

For more information on these advisories, including links to researcher reports and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1update-published - subscription required.
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */