The U.S. Cybersecurity and Infrastructure Security Company (CISA) on Tuesday released an Industrial Control Methods (ICS) advisory about a critical flaw affecting ME RTU distant terminal units.
The security vulnerability, tracked as CVE-2023-2131, has obtained the best severity rating of 10. on the CVSS scoring method for its reduced attack complexity.
“Thriving exploitation of this vulnerability could make it possible for distant code execution,” CISA explained, describing it as a situation of command injection affecting variations of INEA ME RTU firmware prior to variation 3.36.

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
Security researcher Floris Hendriks of Radboud University has been credited with reporting the issue to CISA.
Also released by CISA is an notify relevant to various regarded security holes in Intel(R) processors impacting Manufacturing unit Automation (FA) products from Mitsubishi Electric powered that could final result in privilege escalation and a denial-of-support (DoS) issue.
The improvement comes as the agency encouraged critical infrastructure companies to get needed techniques to secure the provide chains by examining the Federal Communications Commission’s (FCC) Coated Listing of communications gear that are considered a nationwide security risk.
Upcoming WEBINARLearn to Cease Ransomware with Actual-Time Security
Join our webinar and find out how to stop ransomware attacks in their tracks with authentic-time MFA and assistance account protection.
Help save My Seat!
CISA has also urged entities to undertake guidance issued by NIST to establish, evaluate, and mitigate supply chain threats, and enroll for the agency’s cost-free Vulnerability Scanning provider to pinpoint vulnerable and higher-risk equipment.
It even further follows endeavours carried out by cybersecurity authorities in Australia, Canada, United Kingdom, Germany, Netherlands, New Zealand, and the U.S. to “consider urgent actions important to ship goods that are protected-by-design and -default.”
Observed this article intriguing? Abide by us on Twitter and LinkedIn to read a lot more exceptional information we put up.
Some pieces of this report are sourced from:
thehackernews.com