[Control systems] Black Box security advisory (AV23-011)

Number: AV23-011
Date: January 10, 2023

On January 10, 2023, ICS-CERT published an ICS Advisory to address a vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the following products:

• Black Box KVM ACR1000A-R-R2 – Firmware version v3.4.31307
• Black Box KVM ACR1000A-T-R2 – Firmware version v3.4.31307
• Black Box KVM ACR1002A-T – Firmware version v3.4.31307
• Black Box KVM ACR1002A-R – Firmware version v3.4.31307
• Black Box KVM ACR1020A-T – Firmware version v3.4.31307

Exploitation of this vulnerability could result in information disclosure.

The Cyber Centre encourages users and administrators to review the provided web link, perform the suggested mitigations and apply the necessary updates.

• ICS Advisory (ICSA-23-010-01)