Tag: Bugs

Over a Third of Recent ICS Bugs Still Have No Vendor Patch
Risk, Security

Over a Third of Recent ICS Bugs Still Have No Vendor Patch

Operators of industrial control systems (ICS) are being let down by their vendors, according to new data that shows 35% of CVEs announced in the second half of 2022 still lack a fix. The 926 CVEs identified via ICS Advisories from the Cybersecurity and Infrastructure Security Agency (CISA) were examined in SynSaber's ICS Vulnerabilities report for H2 2022. It was discovered that many ICS asset owners' systems are vulnerable as a result of a lack of vendor updates, in addition to the rise in disclosed CVEs (up 36% from the 681 revealed in the first half of the year). According to SynSaber, "Original Equipment Manufacturer (OEM) providers often have tight patch testing, approval, and installation processes," which is why delays frequently occur read the complete article Over a Thir...