NCCIC/ICS-CERT is aware of a public report of authentication vulnerabilities with proof-of-concept (PoC) exploit code affecting FENIKS PRO Elnet LT Energy & Power analyzer. According to this report, attackers can manage the device remotely without authentication. This report was released after ICS-CERT failed to coordinate the vulnerabilities with FENIKS PRO. ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerabilities and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
January 30, 2018
November 16, 2017
- AMD downplays CPU flaw discovery, says hackers would need admin rights anyway
- Puerto Rico’s Electric Utility Hacked in Weekend Attack
- Zuckerberg Breaks Silence: ‘We Made Mistakes’ Regarding Cambridge Analytica Debacle
- Why Social Engineering Works And How To Arm Yourself Against “Human Hacking”
- Former employee visits cloud and steals company data