CISA has published an advisory on improper restriction of operations within the bounds of a memory buffer, session fixation, NULL pointer dereference, improper access control, argument injection, and resource management errors vulnerabilities in Mitsubishi Electric GOT2000 Series. GT27, GT25, and GT23 are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition or remote code execution. Mitsubishi recommends users follow as series of steps to update CoreOS to the latest version. CISA also recommends a series of measures to mitigate the vulnerabilities. Access the advisory at CISA.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!