You are here

GE Mark Vle Controller (ICSA-19-281-02) – Product Used in the Energy Sector

GE Mark Vle Controller (ICSA-19-281-02) – Product Used in the Energy Sector

Created: Tuesday, October 8, 2019 - 16:54
Categories:
Cybersecurity

CISA has published an advisory on improper authorization and use of hard-coded credentials vulnerabilities in GE Mark Vle Controller. All versions of the GE Mark VIe Controller are affected by at least one of the vulnerabilities. Successful exploitation of these vulnerabilities could allow an attacker to create read/write/execute commands within the Mark VIe control system. GE has provided recommendations for mitigating the vulnerabilities. CISA also recommends a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.