Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.Black Box KVM ACR1020A-T: Update to firmware v3.6 or laterīlack Box recommends users seek advice from third-party equipment or software package(s) vendors to evaluate if this vulnerability impacts third-party equipment/software.ĬISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability.Black Box KVM ACR1002A-R: Update to firmware v3.6 or later.Black Box KVM ACR1002A-T: Update to firmware v3.6 or later.Black Box KVM ACR1000A-T-R2: Update to firmware v3.6 or later.Black Box KVM ACR1000A-R-R2: Update to firmware v3.6 or later.MITIGATIONSīlack Box has provided an update to the firmware to mitigate this vulnerability and recommends all users update products to the latest versions:
Black Box KVM ACR1000A-R-R2: Firmware version v7.The following models and versions of Black Box KVMs, a Keyboard/Video/Mouse switch and extender, are affected: Successful exploitation of this vulnerability could allow an attacker to read sensitive data on the built-in web servers of the affected devices.
ATTENTION: Low attack complexity/public exploits are available.
0 kommentar(er)
