Summary
Ilevia disclosed nine vulnerabilities in its EVE X1 Server, including multiple critical flaws that allow unauthenticated attackers to execute arbitrary commands and gain root access. The vendor has declined to patch several of these vulnerabilities.
Take Action:
If you are using Ilevia systems, review the advisory in detail. As usual isolate all industrial devices from the internet and make them accessible only from trusted networks. Make sure to close port 8080. Then plan a quick patch cycle, there are a bunch of critical easily exploited flaws. And be aware that some flaws remain, the vendor refused to patch them.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)