For Part 2, we have three vendor advisories from Schneider Electric. We also have six vendor updates for products from Schneider (2) and Siemens (4).
Schneider Advisory #1 – Schneider published an advisory describing two vulnerabilities in their Interactive Graphical SCADA System (IGSS) data collector.
Schneider Advisory #2 – Schneider published an advisory describing seven vulnerabilities in their EVlink City / Parking / Smart Wallbox Charging Stations.
Schneider Advisory #3 – Schneider published an advisory describing two separate input validation vulnerabilities in their EcoStruxure Power Monitoring Expert product.
NOTE: NCCIC-ICS did not update their advisory (ICSA-21-313-03) to reflect this change.
NOTE: NCCIC-ICS did not update their advisory (ICSA-21-257-06) to reflect this change.
For more details on the advisories and updates, see my article at CFSN Detailed Analysis – https://patrickcoyle.substack.com/p/public-ics-disclosures-week-of-12-f8e – subscription required.