OT ICEFALL: The legacy of “insecure by design” and its implications for certifications and risk management

Vedere Labs has identified a set of 56 vulnerabilities affecting devices from 10 operational technology (OT) vendors that we are collectively calling OT:ICEFALL. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography or broken authentication schemes, insecure firmware updates and remote code execution via native functionality.

Read more about it: here