CISA releases 6 Industrial Control Systems Advisories
Cybersecurity and Infrastructure Security Agency sent this bulletin at 06/23/2022 02:05 PM EDT
You are subscribed to no topic for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.
This advisory contains mitigations for a path traversal, relative path traversal, NULL pointer reference vulnerability in DCMTK, an OFFIS product of libraries and software that process DICOM image files
This advisory contains mitigations for Cleartext Transmission of Sensitive Information, and Use of Hard-coded Credentials vulnerabilities in the Yokogawa STARDOM network control system.
This advisory contains mitigations for a Violation of Secure Design Principles vulnerability in the Yokogawa Consolidation Alarm Management Software for Human Interface Station (CAMS for HIS).
This advisory contains mitigations for Improper Enforcement of Behavioral Workflow, Lack of Administrator Control over Security, Improper Privilege Management, and Insufficiently Protected Credentials vulnerabilities in the Secheron SEPCOS Control and Protection Relay.
This advisory contains mitigations for an Out-of-bounds Write vulnerability in the Pyramid Solutions EtherNet/IP Adapter Development Kit.
This advisory contains mitigations for Improper Access Control, Relative Path Traversal, and Cross-site Scripting vulnerabilities in the Elcomplus SmartICS web-based HMI.