Read more about the article CISA Releases Four Industrial Control Systems Advisories

CISA Releases Four Industrial Control Systems Advisories

  • Post author:
  • Post category:

CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-331-01 Delta Electronics InfraSuite Device Master ICSA-23-331-02 Franklin Electric Fueling Systems Colibri ICSA-23-331-03 Mitsubishi Electric GX Works2 ICSMA-23-331-01 BD FACSChorus CISA encourages users and administrators to review the newly

Continue ReadingCISA Releases Four Industrial Control Systems Advisories
Read more about the article ICS Medical Advisory: BD FACSChorus

ICS Medical Advisory: BD FACSChorus

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: FACSChorus Vulnerabilities: Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for Critical Function, Improper Authentication, Use of Hard-coded Credentials, Insecure Inherited Permissions, 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with

Continue ReadingICS Medical Advisory: BD FACSChorus
Read more about the article ICS Advisory: Mitsubishi Electric GX Works2

ICS Advisory: Mitsubishi Electric GX Works2

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 2.9 ATTENTION: Exploitable locally Vendor: Mitsubishi Electric Corporation Equipment: GX Works2 Vulnerability: Denial-of-Service 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow a Denial-of-service (DoS) due to improper input validation in the simulation function of GX Works2 by sending specially crafted packets. 3. TECHNICAL DETAILS 3.1 AFFECTED

Continue ReadingICS Advisory: Mitsubishi Electric GX Works2
Read more about the article ICS Advisory: Franklin Electric Fueling Systems Colibri

ICS Advisory: Franklin Electric Fueling Systems Colibri

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Franklin Electric Fueling Systems Equipment: Colibri Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain login credentials for other users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of

Continue ReadingICS Advisory: Franklin Electric Fueling Systems Colibri
Read more about the article ICS Advisory: Delta Electronics InfraSuite Device Master

ICS Advisory: Delta Electronics InfraSuite Device Master

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Delta Electronics Equipment: InfraSuite Device Master Vulnerabilities: Path Traversal, Deserialization of Untrusted Data, Exposed Dangerous Method or Function. 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to remotely execute arbitrary code and obtain plaintext credentials. 3. TECHNICAL

Continue ReadingICS Advisory: Delta Electronics InfraSuite Device Master