ARC Informatique PcVue (Update A)

2021-01-05 15:15:11 UTC

This updated advisory is a follow-up to the original advisory titled ICSA-20-308-03 ARC Informatique PcVue that was published November 3, 2020, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for Deserialization of Untrusted Data, Access to Critical Private Variable via Public Method, and Information Exposure of Sensitive Information to an Unauthorized Actor vulnerabilities in ARC Information PcVue SCADA products.