ENTTEC Lighting Controllers (ICSA-19-085-03)

The NCCIC has published an advisory on a missing authentication for critical function vulnerability in ENTTEC Lighting Controllers. Numerous products and versions of these products are affected. Successful exploitation of this vulnerability could reboot this device allowing a continual denial of service condition. ENTTEC recommends users upgrade to the March 2019 revB firmware or later. The NCCIC also offers a series of measures to address this vulnerability. Read the advisory at NCCIC/ICS-CERT.