Vendor
medium
advisory
CISA ICS Security Advisories Address Vulnerabilities in Multiple Vendor Products
2 rulesCISA published ICS advisories addressing vulnerabilities in products from ABB, Hitachi Energy, Kieback & Peter, ScadaBR, Siemens, and ZKTeco, recommending mitigations and updates.
B&R Automation Runtime +10
ics
scada
vulnerability
2r
medium
advisory
Hitachi Energy GMS600 Vulnerable to Bleichenbacher Attack via CVE-2022-4304
2 rules 1 TTP 1 CVEHitachi Energy GMS600 versions 1.3.0 and 1.3.1 are affected by CVE-2022-4304, a vulnerability in the OpenSSL RSA Decryption implementation; an attacker could exploit this timing-based side channel to recover plaintext across a network in a Bleichenbacher-style attack by sending trial messages to the server and recording processing times, eventually decrypting application data.
GMS600 versions 1.3.0 and 1.3.1
bleichenbacher
timing attack
openssl
critical infrastructure
2r
1t
1c