ICSA-23-026-02 · Published 2023-06-22 · View on CISA ICS-CERT ↗

Econolite EOS (Update A)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could result in a remote unauthenticated attacker gaining full control over traffic lights.

CVE-2023-0451 CVE-2023-0452

Econolite recommends users update their affected products to the latest version. Customers are strongly encouraged to download the latest software updates through https://www.econolite.com/support.
Customers may also contact Econolite by sending an email to [email protected] or calling the Support line at (800) 225-6480 or reaching out to their local Account Manager or Distributor.
Econolite also recommends that customers follow best practices for network security and access control for all safety-critical equipment and minimize exposure by restricting access to equipment on the open public internet.

Econolite

Econolite · EOS < 3.2.23

Transportation

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.