Tuesday, June 30, 2026

Review – 8 Advisories Published – 6-30-26

Today CISA’s NCCIC-ICS published 7 control system security advisories for products from Delta Electronics, Stonefly, B&R Automation, Schneider (2) Frangoteam, and Mitsubishi. They also published a medical device security advisory for products from OFFIS. 

Advisories  

Delta Advisory - This advisory describes two vulnerabilities in the Delta Electronics DVP12SE PLC. 

StoneFly Advisory - This advisory This advisory describes five vulnerabilities in the StoneFly Storage Concentrator. 

B&R Advisory - This advisory discusses a race condition within a thread vulnerability in multiple B&R products.  

Schneider Advisory #1 - This advisory describes two vulnerabilities in the Schneider Electric EasyLogic T150 and Saitel DP RTU. 

Schneider Advisory #2 - This advisory describes an improper restriction of XML external entity reference vulnerability in the Schneider Electric EcoStruxure IT Data Center Expert. 

Frangoteam Advisory - This advisory describes an authentication bypass by spoofing vulnerability in the Frangoteam FUXA SCADA/HMI. 

Mitsubishi Advisory - This advisory discusses four vulnerabilities in the Mitsubishi MELSOFT Update Manager SW1DND-UDM-M.  

OFFIS Advisory - This advisory describes five vulnerabilities in the OFFIS DCMTK Toolkit. 


For more information on these advisories, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/8-advisories-published-6-30-26 - subscription required. 

No comments:

 
/* Use this with templates/template-twocol.html */