ICSA-17-283-02

28 Oct 2017

[ICS] JanTek JTC-200 RS232-NET Converter Advisory Published

Vendor: JanTek
Equipment: JTC-200
Vulnerabilities: Cross-site Request Forgery, Improper Authentication

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-283-02

CVE-ID
CVE-2016-5789
CVE-2016-5791

AFFECTED PRODUCTS

The following versions of JTC-200, a TCP/IP converter, are affected:

  • JTC-200 all versions.


IMPACT

Successful exploitation of these vulnerabilities could allow for remote code execution on the device with elevated privileges.

Read on for details.

Read more