Cybersecurity

ICS-CERT has released an advisory on a Siemens TeleControl Server Basic vulnerability. Versions prior to V3.1 are affected. Successful exploitation of these vulnerabilities could allow for escalation of privileges to perform administrative actions. Siemens recommends that users install the latest version of TeleControl Server Basic. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

ICS-CERT has released an advisory on a Nari PCS-9611 vulnerability. All versions of the PCS-9611 relay, a control and monitoring unit, are affected. Successful exploitation of this vulnerability could allow a remote attacker arbitrary read/write abilities on the system. NCCIC has reached out to Nari and CNCERT but has not received a response. In the meantime, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

ICS-CERT has released an advisory on a WECON Technology Co., Ltd. LeviStudio HMI Editor vulnerability. LEVI Studio HMI Editor v1.8.29 and prior versions are affected. Successful exploitation of these vulnerabilities may result in arbitrary code execution. WECON recommends that users update to the latest version. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.

ICS-CERT has released an advisory on a PHOENIX CONTACT FL SWITCH vulnerability. All FL SWITCH 3xxx, 4xxx, and 48xxx products running firmware Version 1.0 to 1.32 are affected. Successful exploitation of these vulnerabilities may allow an unauthenticated remote attacker to gain administrative privileges and expose information to unauthenticated users. PHOENIX CONTACT recommends that affected users upgrade to firmware Version 1.33 or higher. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.