ICSA-18-221-01
·
Published 2018-08-09
·
View on CISA ICS-CERT ↗
Crestron TSW-X60 and MC3
CVSS 9.8
CRITICAL
Risk Summary
Successful exploitation of these vulnerabilities may allow remote code execution with escalated system privileges.
Remediations
- TSW-X60 (login required) - https://www.crestron.com/en-US/Software-Firmware/Firmware/Touchpanels/TSW-560-TSW-760-TSW-1060/2-001-0040-01
- MC3 (login required) - https://www.crestron.com/en-US/Software-Firmware/Firmware/3-Series-Processors/MC3/1-502-0047-001
- Crestron also recommends users refer to Crestron's Online Help for more information about these and other vulnerabilities (Article #5471). Information for hardening devices is available in Article #5571.
Affected Vendors
Crestron
Affected Products (2)
Crestron
·
TSW-X60
< 2.001.0037.001
Crestron
·
MC3
< 1.502.0047.001
Affected Sectors
Government Facilities, Commercial Facilities
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more