Today CISA’s NCCIC-ICS published two control systems security advisories for products from GPL Odorizers and Contemporary Controls. They also updated an advisory for products from OpenPLC.
Advisories
GPL Advisory - This advisory describes a missing authentication for critical function vulnerability in the GPL Odorizers GPL750 series odorant injection systems.
Contemporary Advisory - This advisory describes a reliance on untrusted inputs in a security decision vulnerability in the Contemporary Controls BASC-20T controller.
Updates
OpenPLC Update - This update provides additional information (including three new CVE’s) on the OpenPLC V3 advisory that was originally reported on December 11th, 2025.
For more information on these advisories, including a down-the-rabbit-hole look at the use of odorants, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/2-advisories-and-1-update-published-d41 - subscription required.
Posts
No comments:
Post a Comment