CISA has published an advisory on an improper authentication vulnerability in Hitachi ABB Power Grids XMC20 Multiservice-Multiplexer. XMC20 R4 using COGE5 versions older than co5ne_r1h07_12.esw and XMC20 R6 using COGE5 versions older than co5ne_r2d14_03.esw are affected. Successful exploitation of this vulnerability could allow an attacker to remotely take control of the product. Hitachi ABB Power Grids has corrected the problem in the different product versions and recommends users apply the firmware update at the earliest availability. CISA also recommends a series of measures to mitigate this vulnerability. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!