Today CISA’s NCCIC-ICS published seven control system security advisories for products from Schneider Electric (2), Mitsubishi Electric (2), Rockwell Automation, AzeoTech, and AVer. They also published a medical device security advisory for products from Apollo Pharmacy.
Advisories
Schneider Advisory #1 - This advisory describes an insufficient entropy vulnerability in multiple Schneider product lines.
Schneider Advisory #2 - This advisory describes a path traversal vulnerability in the Schneider EasyLogic T150 and Saitel DP products.
Mitsubishi Advisory #1 - This advisory describes an expected behavior violation vulnerability in the Mitsubishi MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP.
Mitsubishi Advisory #2 - This advisory describes an integer overflow or wraparound vulnerability in the Mitsubishi MELSEC iQ-F Series products.
Rockwell Advisory - This advisory describes three vulnerabilities in the Rockwell FactoryTalk Historian Site Edition.
AzeoTech Advisory - This advisory describes a type confusion vulnerability in the AzeoTech DAQFactory product.
AVer Advisory - This advisory describes a files or directories accessible to external parties vulnerability in the AVer PTC cameras.
Apollo Advisory - This advisory describes two vulnerabilities in the Apollo Blood Glucose Monitoring System APG-01 BT.
For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/8-advisories-published-6-18-26 - subscription required.
Posts
No comments:
Post a Comment