Today the DHS ICS-CERT published an
advisory for a cross-site scripting vulnerability in the Nordex NC2 Wind
Farm Portal application. The vulnerability was reported by Karn Ganeshen.
Nordex has produced an update to mitigate this vulnerability, but there is no
indication that Ganeshen has been provided the opportunity to verify the
efficacy of the fix.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit this vulnerability to download a malicious script.
Posts
No comments:
Post a Comment