You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
bas security
About this tag
The bas security tag on WindowsForum covers discussions about Building Automation System (BAS) security vulnerabilities and threats. Recent content highlights flaws in Automated Logic's WebCTRL Premium Server, including an open redirect (CVE-2024-8527) and cross-site scripting (CVE-2024-8528) that could be exploited to phish operators or deliver malicious scripts. These issues affect building automation and ICS environments, with high severity ratings. The vendor recommends upgrading to WebCTRL 9.0 for remediation. This tag is relevant for IT and security professionals managing BAS infrastructure, focusing on patching and risk mitigation.
Automated Logic’s WebCTRL Premium Server has been confirmed vulnerable to an open redirect and a cross‑site scripting (XSS) flaw — tracked as CVE‑2024‑8527 and CVE‑2024‑8528 — that together can be abused to phish operators, deliver malicious scripts into administrator browsers, and form...