Tuesday, December 9, 2025

Review – 3 Advisories Published – 12-9-25

Today CISA’s NCCIC-ICS published three control system security advisories for products from India-Based CCTV vendors, Festo, and U-BOOT.

Advisories

D-Link Advisory - This advisory describes a missing authentication for critical function vulnerability in the D-Link (India-Limited) DCS-F5614-L1 CCTV (not sold in US).

Festo Advisory - This advisory discusses a cross-site scripting vulnerability (with publicly available exploit) in the Festo LX Appliance.

U-BOOT Advisory - This advisory describes an improper access control for volatile memory containing boot code vulnerability in the U-BOOT bootloader (the advisory lists affected Qualcomm chips).

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-published-12-9-25 - subscription required.

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */