Critical Vulnerabilities in Siemens, Rockwell Automation, and Delta Products: Impacting Industrial Control Systems (ICS)

CISA @ Alerts

Critical Vulnerabilities in Siemens, Rockwell Automation, and Delta Products: Impacting Industrial Control Systems (ICS) - 7h

Several critical vulnerabilities have been discovered in industrial control systems (ICS) products from Siemens, Rockwell Automation, and Delta Electronics. These vulnerabilities could allow attackers to execute arbitrary code, trigger denial-of-service conditions, or gain unauthorized access to sensitive information. One of the most concerning vulnerabilities is CVE-2024-41798, affecting Siemens’ SENTRON 7KM PAC3200 power monitoring device. This vulnerability exposes the device to brute-force attacks and unauthorized access through its Modbus TCP interface. Organizations using these ICS products are urged to prioritize patching and implementing robust security measures to mitigate the risks.

References:

Blog - Weekly ICS Vulnerability Intelligence Report by Cyble - 14h
nvd.nist.gov - CVE details for SENTRON 7KM PAC3200 vulnerability - 14h
All CISA Advisories - CISA Releases Twenty-One Industrial Control Systems Advisories - 13h

Classification:

HashTags: ICS Vulnerability Cybersecurity
Company: Siemens Rockwell Automation and Delta Electronics
Target: Industrial Control Systems
Product: Industrial Control Systems (ICS)
Feature: Modbus TCP
Type: Vulnerability
Severity: Critical

This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find Flathis at Mastodon.

FlagThis

Critical Vulnerabilities in Siemens, Rockwell Automation, and Delta Products: Impacting Industrial Control Systems (ICS) - 7h

References:

Classification: