Last Updated: July 3, 2020
Overview
Vulnerabilities that are called “Ripple20” in Treck TCP/IP stack software has been reported. Yokogawa is investigating the impact to Yokogawa products about the vulnerabilities. When Yokogawa discovers the affected product, Yokogawa will provide detail information in Yokogawa Security Advisory Report (YSAR) in accordance with our Vulnerabilities Handling Policy.
Yokogawa Security Advisory Report
https://www.yokogawa.com/library/resources/white-papers/yokogawa-security-advisory-report-list/
The Yokogawa Group Vulnerability Handling Policy
https://www.yokogawa.com/eu/solutions/products-platforms/announcements/vulpolicy/
Yokogawa strongly recommends all customers to establish and maintain a full security program, not only for the Vulnerabilities. Security program components are: Patch updates, Anti-virus, Backup and recovery, zoning, hardening, whitelisting, firewall, etc. Yokogawa can assist in setting up and running the security program continuously. For considering the most effective risk mitigation plan, as a starting point, Yokogawa can perform a security risk assessment.
Reference Site
CERT/CC Vulnerability Note VU#257161
https://www.kb.cert.org/vuls/id/257161
ICS Advisory (ICSA-20-168-01)
https://www.us-cert.gov/ics/advisories/icsa-20-168-01
想要了解更多的信息,技术&解决方案?
联系我们