Today CISA’s NCCIC-ICS published one control system security advisory for products from NSA.
Advisories
NSA Advisory - This advisory describes an improper restriction of XML external entity reference vulnerability in the NSA GRASSMARLIN passive network mapping tool.
For more information on this advisory, including a brief down-the-rabbit-hole look at GRASSMARLIN, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/1-advisory-published-4-28-26 - subscription required.
Posts
No comments:
Post a Comment