CISA releases three industrial control systems advisories

CISA has published three advisories concerning vulnerabilities in Industrial Control Systems products, involving Schneider Electric EcoStruxure, Vertikal Systems Hospital Manager Backend Services, and an updated alert on Schneider Electric Modicon systems. These advisories address various security weaknesses with potential exposure to operational risks.

The advisories include specific identifiers such as ICSA-25-301-01 related to Schneider Electric EcoStruxure, ICSMA-25-301-01 concerning Vertikal Systems Hospital Manager Backend Services, and ICSA-24-352-04 Update B for Schneider Electric Modicon. Each notice details affected components, firmware or software versions, and triggers for exploitation, although the initial summary does not enumerate these specifics.

The documented vulnerabilities encompass issues that could be exploited to compromise industrial control operations, as described in the advisories. Potential impacts stem from the identified weaknesses in the respective products and components as outlined.

Resolution status and remediation measures are provided within the advisories, specifying available patches or updates issued by vendors to address the identified security gaps. Users and system operators are expected to implement these updates accordingly.

The advisories conclude with recommendations aimed at users and administrators to consult the detailed notices to understand the vulnerabilities fully and to apply the suggested mitigations to maintain system security.

iboss launches SSPM in its Zero Trust SASE platform

Salt Security releases Databricks connector and Netlify collector

Darling Ingredients selects Cato Networks for SASE