The NCCIC has published an advisory on an improper access control vulnerability in Phoenix Contact FL NAT SMx. Numerous products are affected. Successful exploitation of this vulnerability could allow unauthorized users full access to the device configuration. In addition, these vulnerabilities could interact with third-party vulnerabilities to cause other impacts to integrity, confidentiality, and availability. Phoenix Contact recommends affected users operate the devices in closed networks or protected with a suitable firewall and apply specific mitigations. The NCCIC also recommends a series of mitigating measures. Read the advisory at NCCIC/ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!