← Back to home
ICSA-22-256-04  ·  Published 2022-09-13  ·  View on CISA ICS-CERT ↗

Kingspan TMS300 CS

CVSS 9.8 CRITICAL

Risk Summary

The TMS300 CS system does not properly restrict access to endpoints, and successful exploitation of this vulnerability could allow an attacker to view and modify application settings without authenticating.

CVEs (1)

Remediations

  • Kingspan has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of the affected product are encouraged to contact Kingspan customer support for additional information.

Affected Vendors

Kingspan

Affected Products (1)

Kingspan · Kingspan TMS300 CS vers:all/*

Affected Sectors

Water and Wastewater Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more