Today CISA’s NCCIC-ICS published two control system security advisories for products from Schneider Electric and INVT. They also updated an advisory for products from Danfoss.
Advisories
Schneider Advisory -
This advisory
describes an improper input validation vulnerability in the Schneider Modicon
M340 and Communication Modules.
INVT Advisory - This advisory describes nine vulnerabilities in the INVT VT-Designer and HMITool products.
Updates
Danfoss Update - This update provides additional information on the AK-SM 8xxA Series advisory that was originally published on May 20th, 2025.
For more information on these advisories, including links to
researcher reports, and a DTRH look at a ‘missing advisory’, see my article at
CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-edb
- subscription required.
Posts
No comments:
Post a Comment