OT Advisories

Rockwell Fixes Pavilion 8

Rockwell Automation has an update available to handle an incorrect permission assignment for critical resource vulnerability in its Pavilion 8, according to a report with CISA.

HMS Mitigations for Anybus-CompactCom 30

HMS Industrial Networks has suggested mitigations available to handle a cross-site scripting vulnerability in its Anybus-CompactCom 30, according to a report with CISA.

Siemens Clears SINEMA Remote Connect Server Holes

Siemens has a new version of SINEMA Remote Connect Server available to handle command injection vulnerabilities, according to a report with CISA.

Siemens Updates SIMATIC WinCC

Siemens has an update available to handle an exposure of private personal information to an unauthorized actor vulnerability in its SIMATIC WinCC, according to a report with CISA.

Siemens Fixes SIMATIC STEP 7 (TIA Portal)

Siemens has a new version of its SIMATIC STEP 7 (TIA Portal) to handle a deserialization of untrusted data vulnerability, according to a report with CISA.

Rockwell Fixes ThinManager ThinServer

Rockwell Automation has a fix available to handle an Improper Input Validation vulnerability in its ThinManager ThinServer, according to a report with CISA.

Rockwell Updates FactoryTalk, Policy Manager

Rockwell Automation has an update and some mitigations to handle improper privilege management vulnerabilities in its FactoryTalk System Services and Policy Manager, according to a report with CISA.

Delta Electronics Fixes CNCSoft-G2

Delta Electronics has an update available to handle a stack-based buffer overflow, out-of-bounds write, out-of-bounds read, heap-based buffer overflow vulnerabilities in its CNCSoft-G2, according to a report with CISA.

Mitsubishi Fixes MELIPC Series

Mitsubishi Electric has a fix available to handle an incorrect default permissions vulnerability in its MI5122-VW, according to a report with CISA.

Johnson Controls Fixes Illustra Pro Gen 4

Johnson Controls, Inc. has an update available to handle a dependency on vulnerable third-party component vulnerability in its Illustra Pro Gen 4, according to a report with CISA.

Johnson Controls Updates C●CURE 9000 Issue

Johnson Controls, Inc. has an update available to handle a use of weak credentials vulnerability in its Software House C●CURE 9000, according to a report with CISA.

Mitigations for Johnson Controls’ C●CURE 9000

Johnson Controls Inc. has a series of recommendations to handle an incorrect default permissions vulnerability in its Software House C●CURE 9000, according to a report with CISA.

mySCADA Fixes myPRO Hole

An update is available to handle a use of hard-coded password vulnerability in mySCADA’s myPRO, according to a report with CISA.

ICONICS, Mitsubishi Electric Fix Multiple Issues

ICONICS and Mitsubishi Electric have an updated version to handle multiple vulnerabilities in the ICONICS product suite, according to a report with CISA.

Kantech Door Controllers Fixed

Johnson Controls, Inc. has an update available to handle an exposure of sensitive information to an unauthorized actor vulnerability in its Kantech KT1, KT2, KT400 Door Controllers, according to a report with CISA.

MarKoni FM Transmitter Fixed

MarKoni released a new version to handle multiple vulnerabilities in its Markoni-D (Compact) FM Transmitters, Markoni-DH (Exciter+Amplifiers) FM Transmitters where public exploits are available, according to a report with CISA.

SDG Technologies Updates PnPSCADA

SDG Technologies has an updated version of its PnPSCADA to handle a missing authorization vulnerability, according to a report with CISA.

Johnson Controls Fixes Illustra Essentials Gen 4 Camera

Johnson Controls, Inc. has an upgrade available to handle a storing passwords in a recoverable format vulnerability in its Illustra Essentials Gen 4, according to a report with CISA.

Johnson Controls Fixes IP Camera System Log Hole

Johnson Controls, Inc. has an upgrade available to handle an insertion of sensitive information into log file vulnerability in its Illustra Essentials Gen 4 IP camera, according to a report with CISA.

Johnson Controls Fixes Password Issue in IP Camera

Johnson Controls, Inc. has an update available to handle a storing passwords in a recoverable format vulnerability in its Illustra Essentials Gen 4, according to a report with CISA.

ISSSource

Pin It on Pinterest