This content is viewable by Everyone
Critical Vulnerability in the NPM Package ua-parser-js
GitHub has released an advisory about a Critical vulnerability in the NPM package ua-parser-js. This advisory is to protect against remote attackers using the vulnerabilities to obtain sensitive information or take control of the system. Any computer that has this package installed or running should be considered fully compromised
For a complete description of the vulnerabilities and effected systems, visit ICS Advisory (ICSA-21-292-02) Trane HVAC Systems Controls.