Tuesday, January 13, 2026

Review – 3 Advisories and 1 Update Published – 1-13-26

Today CISA’s NCCIC-ICS published three control system security advisories for products from YoSmart and Rockwell Automation (2). They also updated an advisory for products from Güralp.

Advisories

YoSmart Advisory - This advisory describes four vulnerabilities (with publicly available exploit code) in the YoSmart YoLink Smart Hub.

Rockwell Advisory #1 - This advisory describes an SQL injection vulnerability in the Rockwell FactoryTalk DataMosaix Private Cloud.

Rockwell Advisory #2 - This advisory describes an allocation of resources without limit or throttling vulnerability in the Rockwell 432ES-IG3 Series A GuardLink EtherNet/IP Interface.

Update

Güralp Update - This update provides additional information on the FMUS and MIN series devices advisory that was originally published on July 31st, 2025, and most recently updated on August 14th, 2025.

 

For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/3-advisories-and-1-update-published-b62 - subscription required.
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
 
/* Use this with templates/template-twocol.html */