Review – 3 Advisories and 2 Updates Published – 7-29-25

Today CISA’s NCCIC-ICS published three control system security advisories for products from Delta, Samsung, and National Instruments. They also updated two control system security advisories for products from Fuji and Johnson Controls.

Advisories

Delta Advisory - This advisory describes a deserialization of untrusted data vulnerability in the Delta DTN Soft product.

Samsung Advisory - This advisory describes six vulnerabilities in the Samsung Data Management Server (DMS).

National Instruments Advisory - This advisory describes two vulnerabilities in the NI LabVIEW product.

Updates

Fuji Update - This update provides additional information on the Tellus Lite V-Simulator advisory that was originally published on December 3, 2024.

Johnson Controls Update - This update provides additional information on the iStar Door Controller advisory that was originally published on June 6^th, 2024.

 

For more information on these advisories, see my article at CFSN Detailed Analysis, including links to researcher reports and a down-the-rabbit-hole look at the Delta vulnerability -https://patrickcoyle.substack.com/p/3-advisories-and-2-updates-published-5fa - subscription required.