ICS-CERT has released an alert on an ABB Ellipse vulnerability. The vulnerability affects Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (including Ellipse Select). Successful exploitation of this vulnerability could allow an attacker to discover authentication credentials by sniffing the network traffic. ABB has released several product updates to mitigate the vulnerability. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.