Today CISA’s NCCIC-ICS published four control systems security advisories for products from AVEVA, Anviz, Horner Automation, and Delta Electronics.
Advisories
AVEVA Advisory - This advisory describes a missing authorization vulnerability in the AVEVA Pipeline Simulation product.
Anviz Advisory - This advisory describes 12 vulnerabilities in multiple Anviz time clock products.
Horner Advisory - This advisory describes a weak password requirements vulnerability in the Horner Cscape, XL4, and XL7 PLCs.
Delta Advisory - This advisory describes a stack-based buffer overflow vulnerability in the Delta ASDA-Soft configuration software.
For more information on these advisories, including a brief discussion about the missing Siemens advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/4-advisories-published-4-16-23 - subscription required.
Posts
No comments:
Post a Comment