Four separate industrial control system vendors, including Real Time Automation and Paradox, released warnings on vulnerabilities all within the range of critical to high-severity. The bugs cause systems to be vulnerable to remote attacks conducted by threat actors. The flaws have a severity rating of 9.8 out of 10.
On Tuesday, provider Claroty publicly disclosed the bug, stating that third-party code utilized in the proprietary Real Time Automation component resulted in networks being vulnerable to a denial-of-service attack. Claroty states that 11 devices from six different vendors are affected by the bug, however, those vendors have not been identified.
Read More: Multiple Industrial Control System Vendors Warn of Critical Bugs