Thursday, December 12, 2013

ICS-CERT Publishes Two Cooper Power Advisories

This afternoon the DHS ICS-CERT published two separate advisories for industrial control systems from Cooper Power Systems; one for the SMP Gateway DNP3 protocol and one for the DNP3 Master OPS Server. Since these are both improper input validation vulnerabilities for DNP3 systems, it should come as no surprise that they were reported by Crain-Sistrunk in coordinated disclosures.

ICS-CERT reports that the SMP Gateway advisory covers two separate improper input validation vulnerabilities, one for IP communications and the other for serial communications. The Master OPS Server advisory has only a single vulnerability. Both systems could be remotely attacked by moderately skilled attackers, potentially resulting in a DOS attack.

Cooper Power Systems makes the unusual recommendation of discontinuing use of the OPS Server and replacing it with the SMP Gateway after the firmware upgrade from Cooper Power Systems is installed. ICS-CERT reports that Crain-Sistrunk have validated the efficacy of the SMP Gateway firmware upgrade.

Project Robus reports that these are advisories #13 and #14 out of 25 (or 26, Crain and Sistrunk are not sure if they counted the earlier GE IP vulnerability) so we can still expect some more of these DNP3 reports.

No comments:

/* Use this with templates/template-twocol.html */