Last week, Team82 published the inaugural installment of its new Biannual ICS Risk & Vulnerability Report, which offers an in-depth assessment of all ICS vulnerabilities disclosed during the first half of the year (1H 2020), the challenges they pose to security practitioners, and what conclusions can be drawn from publicly available data. For more insight into the report's research findings and the implications for those tasked with defending OT environments, join Claroty Chief Product Officer Grant Geyer for our upcoming webinar to be held this Thursday, Aug. 27, at 10 a.m. EST. Click here to register.
The infographics below offer some visual perspective into key statistics from the Claroty Biannual ICS Risk & Vulnerability Report, 1H 2020, which will be discussed in greater detail during the webinar:
The webinar will also offer additional insights into the vendors, products, sectors, and regions most affected by recently discovered ICS vulnerabilities, potential impacts and other characteristics of these vulnerabilities, and how the ICS risk & vulnerability landscape has changed since 1H 2019.
Hardcoded credentials in the Frick Controls Quantum HD create a vulnerability that leads to unauthorized access, exposure of sensitive information, and potential misuse or system compromise.
The Frick Controls Quantum HD, versions 10.22 through 11, are legacy platforms that have reached end of support. Johnson Controls, Inc. recommends upgrading to the latest platform, Quantum HD Unity, version 12 or higher. After completing the upgrade to version 12, verify full compliance with the hardening guide and apply all recommended security configurations.
CVSS v3: 6.2
The Frick Controls Quantum HD contains a vulnerability that allows an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise.
The Frick Controls Quantum HD, versions 10.22 through 11, are legacy platforms that have reached end of support. Johnson Controls, Inc. recommends upgrading to the latest platform, Quantum HD Unity, version 12 or higher. After completing the upgrade to version 12, verify full compliance with the hardening guide and apply all recommended security configurations.
CVSS v3: 7.5
The Frick Controls Quantum HD is vulnerable due to insufficient validation of input in certain parameters that may permit unexpected actions, which could impact the security of the device before authentication occurs.
The Frick Controls Quantum HD, versions 10.22 through 11, are legacy platforms that have reached end of support. Johnson Controls, Inc. recommends upgrading to the latest platform, Quantum HD Unity, version 12 or higher. After completing the upgrade to version 12, verify full compliance with the hardening guide and apply all recommended security configurations.
CVSS v3: 9.1
The Frick Controls Quantum HD is vulnerable due to insufficient validation of input in certain parameters that may permit unexpected actions, which could impact the security of the device before authentication occurs.
The Frick Controls Quantum HD, versions 10.22 through 11, are legacy platforms that have reached end of support. Johnson Controls, Inc. recommends upgrading to the latest platform, Quantum HD Unity, version 12 or higher. After completing the upgrade to version 12, verify full compliance with the hardening guide and apply all recommended security configurations.
CVSS v3: 9.1
The Frick Controls Quantum HD is vulnerable due to insufficient validation of input in certain parameters that may permit unexpected actions, which could impact the security of the device before authentication occurs.
The Frick Controls Quantum HD, versions 10.22 through 11, are legacy platforms that have reached end of support. Johnson Controls, Inc. recommends upgrading to the latest platform, Quantum HD Unity, version 12 or higher. After completing the upgrade to version 12, verify full compliance with the hardening guide and apply all recommended security configurations.
CVSS v3: 9.1
