Sinapsi Devices Vulnerabilities

CVSS 10.0 CRITICAL

CVEs (4)

CVE-2012-5861 CVE-2012-5862 CVE-2012-5863 CVE-2012-5864

Sinapsi has developed a new firmware version 2.0.2870_2.2.12 that mitigates these vulnerabilities. Sinapsi released the new firmware on Monday, November 19, 2012 directly to the devices. Users will be able to manually download the firmware on their device by using the Firmware Update function in the System Menu in the device’s Web interface. Sinapsi has also posted a security newsletter to its public Web site (http://www.sinapsitech.it/default.asp?active_page_id=78&news_id=88).
Other affected vendors have been notified by Sinapsi and ICS-CERT, but the availability of new firmware upgrades are unknown by ICS-CERT at this time.

Sinapsi

Sinapsi · eSolar <2.0.2870_xxx_2.2.12

Sinapsi · eSolar DUO <2.0.2870_xxx_2.2.12

Sinapsi · eSolar Light <2.0.2870_xxx_2.2.12

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.