ICS-CERT has released an advisory on a JanTek JTC-200 vulnerability. All versions of JTC-200 are affected. Successful exploitation of this vulnerability could allow an attacker to spoof the IP address of an authenticated user, assume the authenticated user’s identity, and gain privileges or access to the system. JanTek will not be developing mitigations for the vulnerabilities affecting JTC-200 as it is developing a JTC-300 model scheduled for release near the end of 2017. In the meantime, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!