. . .
 

CISA releases 7 Industrial Control Systems Advisories

CISA releases 7 Industrial Control Systems Advisories 8/23/2022 12:30 PM EDT

ICS-CERT released the following 7 advisories today, August 18, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities. ARC Informatique PcVue This advisory contains mitigations for a Cleartext Storage of Sensitive Information vulnerability in various components of ARC Informatique products. Delta Industrial Automation DIALink This advisory contains mitigations for an Use of Hard-coded Cryptographic Key vulnerability in various versions of the DIALink Industrial Automation server. myScada Pro This advisory contains mitigations for a Command Injection vulnerability in various versions of myPRO HMI and SCADA systems. Measuresoft ScadaPro Server This advisory contains mitigations for an Out-of-bounds Write vulnerability in Measuresoft ScadaPro Server, a supervisory control and data acquisition (SCADA) system. Measuresoft ScadaPro Server and Client This advisory contains mitigations for Untrusted Pointer Dereference, Stack-based Buffer Overflow, Use After Free, and Link Following vulnerabilities in Measuresoft ScadaPro Server and Client, a supervisory control and data acquisition (SCADA) system. Hitachi Energy RTU500 This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in versions of Hitatchi Energy RTU500 firmware. Illumina Local Run Manager (Update A) This updated advisory is a follow-up to the original advisory titled ICSA-22-153-02 Illumina Local Run Manager that was published June 22, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, and Cleartext Transmission of Sensitive Information vulnerabilities in Illumina devices using Local Run Manager software.


3 views0 comments