Multiple Industrial Control System Vendors Warn of Critical Bugs
Four separate industrial control system vendors, including Real Time Automation and Paradox, released warnings on vulnerabilities all within the range of critical to high-severity. The bugs cause systems to be vulnerable to remote attacks conducted by threat actors. The flaws have a severity rating of 9.8 out of 10.
On Tuesday, provider Claroty publicly disclosed the bug, stating that third-party code utilized in the proprietary Real Time Automation component resulted in networks being vulnerable to a denial-of-service attack. Claroty states that 11 devices from six different vendors are affected by the bug, however, those vendors have not been identified.