A critical vulnerability in the Inea OS Command Injection bug exposes industrial organizations to remote attacks

A critical flaw in Inea ICS product exposes industrial organizations to remote attacks

A critical vulnerability discovered in a Remote Terminal Unit (RTU) manufactured by Slovenian industrial automation company Inea could expose industrial organizations to hacker attacks from a distance.

Last week, the US Cybersecurity and Infrastructure Security Agency published an advisory informing organizations of the vulnerability. The vendor released a firmware patch that fixes the vulnerability.

This security flaw, identified as CVE-2022-2131 with a CVSS of 10, affects Inea ME RTUs that run firmware versions older than 3.36. CISA stated that this OS command injection vulnerability could lead to remote code execution.

Source:
https://www.securityweek.com/critical-flaw-in-inea-ics-product-exposes-industrial-organizations-to-remote-attacks/

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注