The NCCIC has released an advisory on improper authentication and information exposure through query strings in GET request vulnerabilities in Entes EMG 12. EMG Ethernet Modbus Gateway Firmware versions 2.57 and prior are affected. Successful exploitation of these vulnerabilities may allow attackers to gain unauthorized access and could allow the ability to change device configuration and settings. Entes recommends that users update to the latest available firmware version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.