Cyberattack suspected of causing rocket-attack false alarms in Israel. Risk surface assessments. Fitness app’s geolocation feature may be a privacy and security risk.

On Thursday, CISA released six industrial control system (ICS) advisories, for OFFIS DCMTK (“mitigations for a path traversal, relative path traversal, NULL pointer dereference vulnerability in DCMTK, an OFFIS product of libraries and software that process DICOM image files”), Yokogawa STARDOM (“mitigations for Cleartext Transmission of Sensitive Information, and Use of Hard-coded Credentials vulnerabilities in the Yokogawa STARDOM network control system”), Yokogawa CAMS for HIS (“mitigations for a Violation of Secure Design Principles vulnerability in the Yokogawa Consolidation Alarm Management Software for Human Interface Station”), Secheron SEPCOS Control and Protection Relay (“mitigations for Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management, and Insufficiently Protected Credentials vulnerabilities in the Secheron SEPCOS Control and Protection Relay”), Pyramid Solutions EtherNet/IP Adapter Development Kit (“mitigations for an Out-of-bounds Write vulnerability in the Pyramid Solutions EtherNet/IP Adapter Development Kit”), and Elcomplus SmartICS (“mitigations for Improper Access Control, Relative Path Traversal, and Cross-site Scripting vulnerabilities in the Elcomplus SmartICS web-based HMI”).
