Please feel free to get in touch with me if you have questions or need more information.
You can contact me on Twitter (@mmrupp) or by e-mail (firstname.lastname@example.org / email@example.com).
Use one of the following keys when discussing confidential information:
User ID: firstname.lastname@example.org; Key ID: 0x8D961353; TXT, MIT PGP Key Server
Fingerprint: CCEF 7BF2 19D0 2D97 40F3 5F9F 2970 13B3 8D96 1353
The largest part of the found issues are under NDA and can not be disclosed. Also some of the found issues will not be disclosed to the public from my side due to ethical reasons. Below you can find some part of public research made in spare time and notes.
A more complete list of public advisories can be found here. Set out below is an extract from this list.
Recent public ICS-CERT Advisories
These public security advisories are focus on ICS/SCADA and BMS devices and technologies.
Individual pages: Moxa
Recent public CERT Advisories
Chiyu Technology fingerprint access control contains multiple vulnerabilities
CVE-2015-2870 (CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page)
Honeywell Tuxedo Touch Controller contains multiple vulnerabilities
CVE-2015-2847 (CWE-603: Use of Client-Side Authentication)
Last updated: October 2017