ICS-CERT has released an advisory on a LAVA Computer MFG Inc. Ether-Serial Link vulnerability. Versions 6.01.00/29.03.2007 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to spoof the IP address of an authenticated user, assume the authenticated user’s identity, and gain privileges or access to the system. As LAVA Computer MFG Inc. has not responded to requests to work with ICS-CERT to mitigate this vulnerability, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.