CISA has published an advisory on numerous vulnerabilities in ABB eSOMS. Versions 6.02 and prior are affected. In the most severe case, an attacker who successfully exploited these vulnerabilities could take over a user’s browser session, discover session-based information, or affect the confidentiality of sensitive information within the application. ABB recommends users update their version of eSOMS to 6.0.3 or 6.1. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.
H2OSecCon Spring 2024 - featuring panels and briefings on cybersecurity, physical security, operational resilience, and more - is on May 23. REGISTER NOW!