![]() The cybersecurity firm pointed out that the malicious changes would not be reflected in the user interface, making it more likely for the attack to go unnoticed. If an attacker writes malicious code on the controller, the victim will need to overwrite the program in order to restore the original operational function. Remote, unauthenticated attackers can make configuration changes or write unauthorized code on the controller, both of which can lead to changes in the controller’s functionality. The vulnerabilities, two of which have been rated ‘high severity’, can be exploited by sending specially crafted packets to the targeted system. ![]() In the meantime, the company has issued a press release that points to National Vulnerability Database entries providing some technical information for each of the four security holes. SCADAfence will soon publish a blog post detailing its findings. SCADAfence says this is the first time CVE identifiers have been assigned to vulnerabilities in Alerton products. ![]() ![]() OT and IoT cybersecurity company SCADAfence has discovered potentially serious vulnerabilities in a widely used building management system made by Alerton, a brand of industrial giant Honeywell.įour vulnerabilities have been found in the Alerton Compass software, which is the product’s human-machine interface (HMI), the Ascent Control Module (ACM), and the Visual Logic component. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |