You are here

PEPPERL+FUCHS CT50-Ex (ICSA-18-303-01)

PEPPERL+FUCHS CT50-Ex (ICSA-18-303-01)

Created: Thursday, November 1, 2018 - 10:28
Categories:
Cybersecurity

The NCCIC has released an advisory on an improper privilege management vulnerability in PEPPERL+FUCHS CT50-Ex. CT50-Ex running Android OS v4.4 and v6.0 are affected (the original manufacturer was Honeywell). Successful exploitation of this vulnerability could allow a malicious third-party application to gain elevated privileges and obtain access to sensitive information. An update is available that resolves this vulnerability. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.