NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. Also recognize that VPN is only as secure as the connected devices. When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available.Locate control system networks and remote devices behind firewalls, and isolate them from the business network.Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.NCCIC recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. PHOENIX CONTACT recommends that affected users upgrade to firmware version 8.6.1 Successful exploitation of this vulnerability could allow for an attacker to modify firmware update packages. The following versions of mGuard, a network device, are affected: ![]() ![]() Vulnerability: Improper Validation of Integrity Check Value AFFECTED PRODUCTS
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |