CISA releases 2 Industrial Control Systems Advisories

Cybersecurity and Infrastructure Security Agency sent this bulletin at 03/15/2022 01:04 PM EDT

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

You are subscribed to no topic for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.

3/15/2022 1:04 PM EDT

ICS-CERT released the following 2 advisories today, March 15, 2022. Click on the links below for more detailed information on these Industrial Control Systems vulnerabilities.

ABB OPC Server for AC 800M

This advisory contains mitigations for an Execution with Unnecessary Privileges vulnerability in the ABB OPC Server for AC 800M run-time data reader.

Axeda agent and Axeda Desktop Server (Update B)

This updated advisory is a follow-up to the original advisory titled ICSA-22-067-01 PTC Axeda agent and Axeda Desktop Server (Update A) that was published March 10, 2022, on the ICS webpage on www.cisa.gov/uscert. This advisory contains mitigations for Use of Hard-coded Credentials, Missing Authentication for Critical Function, Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal, and Improper Check or Handling of Exceptional Conditions vulnerabilities in Axeda agent and Axeda Desktop Server, a remote asset connectivity software used as part of a cloud based IoT platform.

Having trouble viewing this message? View it as a webpage.

You are subscribed to updates from the Cybersecurity and Infrastructure Security Agency (CISA)
Manage Subscriptions | Privacy Policy | Help

Connect with CISA:
Facebook | Twitter | Instagram | LinkedIn | YouTube