Today CISA’s NCCIC-ICS published seven control system security advisories for products from Delta Electronics, Siemens (4), Hitachi Energy, and Schneider Electric. They also published an update for an advisory for products from Schneider.
Advisories
Delta Advisory - This
advisory
describes two path traversal vulnerabilities in the Delta DIALink product.
Siemens Advisory #1 -
This advisory
discusses an infinite loop vulnerability in multiple Siemens products.
Siemens Advisory #2 -
This advisory
discusses an out-of-bounds read vulnerability in Siemens Industrial Products.
Siemens Advisory #3 -
This advisory
discusses three vulnerabilities (including one listed in CISA’s KEV catalog) in
the Siemens RUGGEDCOM, SINEC NMS, and SINEMA products.
Siemens Advisory #4 -
This advisory
discusses two integer overflow or wraparound vulnerabilities in the Siemens SIMATIC
NET CP, SINEMA, and SCALANCE products.
Hitachi Energy
Advisory - This advisory
discusses seven vulnerabilities (one with publicly available exploit) in
Hitachi Energy RTU500 series products.
Schneider Advisory - This advisory describes a cross-site scripting vulnerability (proof-of-concept code is available) in multiple Schneider products.
Updates
Schneider Update -
This update
provides additional information on the Galaxy VS advisory that was originally
published on May 20th, 2025.
No comments:
Post a Comment