You are here

Kunbus PR100088 Modbus Gateway (Update A) (ICSA-19-036-05)

Kunbus PR100088 Modbus Gateway (Update A) (ICSA-19-036-05)

Created: Tuesday, February 12, 2019 - 10:58
Cyber Security

February 7, 2019

The NCCIC has updated this advisory with additional information on the vulnerabilities, technical details of the affected products, and mitigation measures. Read the advisory at NCCIC/ICS-CERT.

February 5, 2019

The NCCIC has published an advisory on improper authentication, missing authentication for critical function, and improper input validation vulnerabilities in Kunbus PR100088 Modbus Gateway. All versions prior to Release R02 (or Software Version 1.1.13166) are affected. Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution and/or cause a denial-of-service condition. Kunbus has made an update available to address the vulnerabilities. The NCCIC also advises on a series of mitigating measures for these vulnerabilities. Read the advisory at NCCIC/ICS-CERT.