Yesterday afternoon the DHS ICS-CERT updated two earlier advisories for Schneider systems and referenced a third in both of those updates. The earlier advisories addressed:
• Schneider Electric Quantum Ethernet Module Hard-Coded Credentials - ICSA-12-018-01;
• Schneider Electric PLCs Multiple Vulnerabilities - ICSA-13-077-01A; and
• Schneider Electric Multiple Vulnerabilities - ICS-ALERT-13-016-01A.
Ethernet Module Firmware Updates
In addition to the earlier mitigations developed by Schneider, the revised advisory reports that two new firmware updates are now available for the 140NOE77101 and 140NOE77111. The updated advisory does not say whether the original researcher, Rubén Santamarta, has been given an opportunity to verify the efficacy of the updates.
There are still unmitigated vulnerabilities in this advisory.
The updated advisory notes that Schneider has developed a patch for the HTTP and FTP services that allows HTTP to be disabled on certain modules. The link for these patches is a generic one that leads to the Schneider site, with no immediately apparent way to find the patches. Schneider still hasn’t produced a patch for the vulnerabilities in the Modicon M340 or Premium PLCs.
Once again there is no indication in the updated advisory that the researcher, Arthur Gervais, has had a chance to verify the efficacy of the patches.