The U.S. Cybersecurity and Infrastructure Security Company (CISA) on Tuesday unveiled an Industrial Handle Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal models.
The security vulnerability, tracked as CVE-2023-2131, has obtained the maximum severity rating of 10. on the CVSS scoring program for its very low attack complexity.
“Effective exploitation of this vulnerability could allow for remote code execution,” CISA claimed, describing it as a situation of command injection impacting variations of INEA ME RTU firmware prior to version 3.36.
Security researcher Floris Hendriks of Radboud College has been credited with reporting the issue to CISA.
Also revealed by CISA is an notify related to a number of known security holes in Intel(R) processors impacting Manufacturing unit Automation (FA) solutions from Mitsubishi Electric powered that could outcome in privilege escalation and a denial-of-support (DoS) condition.
The progress arrives as the agency suggested critical infrastructure corporations to acquire needed actions to secure the source chains by reviewing the Federal Communications Commission’s (FCC) Lined Record of communications gear that are deemed a nationwide security risk.
Future WEBINARLearn to Prevent Ransomware with Serious-Time Safety
Sign up for our webinar and discover how to cease ransomware assaults in their tracks with authentic-time MFA and support account security.
Conserve My Seat!
CISA has also urged entities to undertake advice issued by NIST to discover, evaluate, and mitigate supply chain dangers, and enroll for the agency’s free of charge Vulnerability Scanning support to pinpoint susceptible and superior-risk devices.
It further follows efforts carried out by cybersecurity authorities in Australia, Canada, United Kingdom, Germany, Netherlands, New Zealand, and the U.S. to “consider urgent methods vital to ship products and solutions that are secure-by-design and -default.”
Discovered this posting attention-grabbing? Observe us on Twitter and LinkedIn to go through much more distinctive material we article.
Some parts of this article are sourced from:
thehackernews.com