CISA Industrial Control System security advisory includes a familiar product: Unitronics Vision Standard PLCs allow a remote, unauthenticated individual to retrieve the 'Information Mode' password in plaintext. This vulnerability is tracked as CVE-2024-1480 (7.5 high) and was reported by @reverseics of Dragos. 🔗 https://www.cisa.gov/news-events/ics-advisories/icsa-24-109-01

Unitronics has not responded to requests to work with CISA to mitigate this vulnerability.
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.

#Unitronics #CVE_2024_1480 #PLC

Our own @mle sat down with @ITBrew to discuss Censys' latest research into internet-accessible devices from automation manufacturer #Unitronics -- and what this means for critical infrastructure communities. Check it out: https://www.itbrew.com/stories/2024/02/22/water-damage-censys-finds-149-internet-exposed-unitronics-devices

#censysresearch

💧 #ICYMI: Our research team did a deep dive into exposed internet-facing #Unitronics services and devices across the U.S. Check out our analysis in the latest from @ISMG_News: https://www.bankinfosecurity.co.uk/internet-exposed-water-plcs-are-easy-targets-for-iran-a-24335

#CyberAv3ngers #CensysResearch

Good Morning, Afternoon, or Evening, ICS Advisory Project Dashboards are updated with the 2 new and 1 updated CISA ICS Advisories released on 1/4/24 for the following vendors:

Rockwell Automation.: 1 New
Mitsubishi Electric: 1 New
Unitronics: 1 Update

https://www.icsadvisoryproject.com/
#ICS #OT #CISA #vulnerabilitymanagement #icssecurity #otsecurity #industrialautomation #manufacturing #water #wastewater #rockwellautomation #mitsubishielectric #unitronics

The ICS Advisory Project will update its dashboards and GitHub repository tonight for the two new CISA Industrial Control Systems Advisories released today (1/4) for the following ICS vendors:

ICSA-24-004-01 Rockwell Automation FactoryTalk Activation
ICSA-24-004-02 Mitsubishi Electric Factory Automation Products
ICSA-23-348-15 Unitronics Vision and Samba Series (Update A)

You can read this advisory now from the CISA alert website shown below.
https://www.cisa.gov/news-events/alerts/2024/01/04/cisa-releases-three-industrial-control-systems-advisories

Visit the ICS[AP] interactive dashboards at icsadvisoryproject.com

#ICS #OT #CISA #vulnerabilitymanagement #icssecurity #cybersecurity #manufacturing #industrialautomation #water #wastewater #rockwellautomation #mitsubishielectric #unitronics

Since the start of the Israel-Hamas war, an Iranian hacking group known as CyberAv3ngers has been targeting U.S. water utilities that use Israel-manufactured Unitronics programmable logic controllers.

Some of the compromised devices had been connected to the open internet with a default password of “1111"

#CyberAv3ngers #israel #Hamas #Iran #utilities #infrastructure #unitronics #security #cybersecurity #password #hacking #hackers #hacked

https://www.fastcompany.com/91002831/us-water-utilities-hacked-cybersecurity

The ICS Advisory Project will update its dashboards and GitHub repository tonight for the 16 new and 1 updated CISA Industrial Control Systems Advisories released today (12/14) for the following ICS vendors:

ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio

ICSA-23-348-02 Johnson Controls Kantech Gen1 ioSmart

ICSA-23-348-03 Siemens User Management Component (UMC)

ICSA-23-348-04 Siemens LOGO! and SIPLUS LOGO!

ICSA-23-348-05 Siemens SIMATIC and SIPLUS Products

ICSA-23-348-06 Siemens OPC UA Implementation in SINUMERIK ONE and SINUMERIK MC

ICSA-23-348-07 Siemens SIMATIC STEP 7 (TIA Portal)

ICSA-23-348-08 Siemens Web Server of Industrial Products

ICSA-23-348-09 Siemens Simantic S7-1500 CPU family

ICSA-23-348-10 Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

ICSA-23-348-11 Siemens SINUMERIK

ICSA-23-348-12 Siemens SICAM Q100 Devices

ICSA-23-348-13 Siemens SCALANCE and RUGGEDCOM M-800/S615 Family

ICSA-23-348-14 Siemens RUGGEDCOM and SCALANCE M-800/S615 Family

ICSA-23-348-15 Unitronics VisiLogic

ICSA-23-348-16 Siemens SINEC INS

ICSMA-20-254-01 Philips Patient Monitoring Devices (Update C)

Read this advisory now from the CISA alert website shown below.

https://www.cisa.gov/news-events/alerts/2023/12/14/cisa-releases-seventeen-industrial-control-systems-advisories

Visit the ICS[AP] interactive dashboards at icsadvisoryproject.com

#ICS #OT #CISA #vulnerabilitymanagement #icssecurity #otsecurity
#siemens
#philips
#johnsoncontrols
#unitronics
#cambium
#manufacturing
#industrialautomation
#healthcare
#publichealth
#buildingautomation
#Communications
#dam
#EmergencyServices
#Energy
#Government
#medicalsecurity
#TransportationSystems
#Water
#Wastewatersystems
#criticalinfrastructure

IRGC-Affiliated Cyber Actors #Exploit #PLC's in Multiple Sectors, Including U.S. #Water and #Wastewater Systems Facilities

"Most recently, CyberAv3ngers began targeting U.S.-based WWS facilities that operate #Unitronics PLCs...compromised Unitronics Vision Series PLCs with #HMI...devices were publicly exposed to the internet with default passwords and by default are on TCP port 20256."

Note from me: The Israeli company Unitronics PLC default password is: "1111." 🙄
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a

CISA said the agency is working to identify water utility operators using devices from Israeli company Unitronics and notifying those organizations if they are at risk of cyberattack

#water #Unitronics #CISA

https://therecord.media/cisa-water-utilities-outreach-unitronics-plcs

Congressmen ask DOJ to investigate water utility hack, warning it could happen anywhere

Share with your friends: cybersecurity (or the lack of #security) has real-world impacts. Here, the drinking water supply to the public wasn't compromised, but the water utility did have to switch to manual operations as a result of the cyber attack.

#cybersecurity #infosec #unitronics #plc

https://apnews.com/article/cybersecurity-water-wastewater-israel-hacker-iran-12fc7398a4ed6e6f7a47e83531c50c87