CISA has published an advisory on a cross-site scripting vulnerability in GE Reason S20 Ethernet Switches. All firmware versions prior to 07A06 are affected. Successful exploitation of these vulnerabilities could allow unauthorized accounts manipulation and allow for remote code execution. GE recommends that S20 users upgrade to firmware Version 07A06 or higher to fix this vulnerability. CISA recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!