Microsoft and Industry Leaders Release Multiple Critical Security Updates for IT Systems
Security Advisories Issued by Industrial Firms Amid Rising Threat Landscape
In recent weeks, several prominent industrial companies have published security advisories addressing various vulnerabilities and potential risks in their products and systems.
Main Findings:
- Siemens has released nine new security advisories, addressing critical vulnerabilities in Scalance W-700 devices, Sinec NMS, Ruggedcom Crossbow, and Industrial Edge Management systems.
- Schneider Electric has published three new advisories, addressing medium-severity vulnerabilities in PowerChute Serial Shutdown UPS management software and Easergy MiCOM Px40 protection relays.
- Aveva has released an advisory regarding a critical missing authorization and privilege escalation vulnerability in its Pipeline Simulation product.
- Rockwell Automation has issued an important notice advising customers to disconnect PLCs from the internet due to potential threat actor activity.
- ABB has issued four advisories, including three addressing third-party component vulnerabilities in Ability Camera Connect, Ability Symphony, and System 800xA products.
- Mitsubishi Electric has released two new advisories, one addressing a DoS vulnerability introduced by Realtek chips in home appliances, and the other covering multiple information disclosure, tampering, and DoS flaws in Genesis64, Iconics Suite, MobileHMI, Hyper Historian, AnalytiX, and MC Works64 products.
- Moxa has a new advisory covering an MxGeneralIo security hole that can lead to DoS or privilege escalation.
“According to Siemens, ‘These advisories are a testament to our commitment to providing secure solutions for our customers.'”
The release of these advisories demonstrates the collaborative efforts of industrial firms to identify and address vulnerabilities, ultimately ensuring the continued safety and reliability of critical infrastructure systems.
About Author
English