U.S. Cybersecurity and Infrastructure Security Agency has begun flagging multiple flaws found by Forescout Technologies in operational technology. 56 vulnerabilities across operational technology – aka OT – hardware and software from 10 different vendors. The vulnerabilities have been detailed in a report titled OT:Icefall, a reference to climbing Mount Everest. Of the vulnerabilities detailed in the report, “38% allow for compromise of credentials, 21% allow. for firmware manipulation and 14% allow remote code execution,” the report says. Despite the flaws, “74% of affected product families have some form of security certification””]
Source: https://www.cuinfosecurity.com/industrial-cybersecurity-alert-56-insecure-by-design-flaws-a-19426