← Back to home
ICSA-24-268-06  ·  Published 2024-10-24  ·  View on CISA ICS-CERT ↗

OMNTEC Proteus Tank Monitoring (Update A)

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability allow an attacker to perform administrative actions without proper authentication.

CVEs (1)

Remediations

  • OMNTEC reports the vulnerability affects a legacy OMNTEC product, Generation 3.0 of OEL8000III K/X ATGs. Generations 3.5 and 4.0 of the OMNTEC Proteus OEL8000III K/X ATGs are not subject to the reported vulnerability.
  • OMNTEC has identified the following specific work arounds and mitigations users can apply to reduce risk:
  • OMNTEC Proteus OEL8000III K/X ATG Generation 3.0: Update Generation 3.0 to Generation 3.5 or higher
  • Users should contact OMNTEC or an authorized service provider if they are interested in upgrading their Generation 3.0 systems.

Affected Vendors

OMNTEC Mfg., Inc.

Affected Products (1)

OMNTEC Mfg., Inc. · OMNTEC Proteus Tank Monitoring OEL8000III_K/X_ATG_Generation_3.0

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more