The U.S. Cybersecurity and Infrastructure Security Company (CISA) on Tuesday released an Industrial Control Methods (ICS) advisory about a critical flaw affecting ME RTU distant terminal units.
The security vulnerability, tracked as CVE-2023-2131, has obtained the best severity rating of 10. on the CVSS scoring method for its reduced attack complexity.
“Thriving exploitation of this vulnerability could make it possible for distant code execution,” CISA explained, describing it as a situation of command injection affecting variations of INEA ME RTU firmware prior to variation 3.36.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
Security researcher Floris Hendriks of Radboud University has been credited with reporting the issue to CISA.
Also released by CISA is an notify relevant to various regarded security holes in Intel(R) processors impacting Manufacturing unit Automation (FA) products from Mitsubishi Electric powered that could final result in privilege escalation and a denial-of-support (DoS) issue.
The improvement comes as the agency encouraged critical infrastructure companies to get needed techniques to secure the provide chains by examining the Federal Communications Commission’s (FCC) Coated Listing of communications gear that are considered a nationwide security risk.
Upcoming WEBINARLearn to Cease Ransomware with Actual-Time Security
Join our webinar and find out how to stop ransomware attacks in their tracks with authentic-time MFA and assistance account protection.
Help save My Seat!
CISA has also urged entities to undertake guidance issued by NIST to establish, evaluate, and mitigate supply chain threats, and enroll for the agency’s cost-free Vulnerability Scanning provider to pinpoint vulnerable and higher-risk equipment.
It even further follows endeavours carried out by cybersecurity authorities in Australia, Canada, United Kingdom, Germany, Netherlands, New Zealand, and the U.S. to “consider urgent actions important to ship goods that are protected-by-design and -default.”
Observed this article intriguing? Abide by us on Twitter and LinkedIn to read a lot more exceptional information we put up.
Some pieces of this report are sourced from:
thehackernews.com