Wednesday, February 11, 2015

ICS-CERT Publishes an Update, an Advisory and an Alert

Yesterday the DHS ICS-CERT published an update for a Siemens advisory, a new advisory for an Advantech product line, and an alert for a Microsoft vulnerability.
Siemens Update
This update is for an WinCC advisory that was originally published last November. This update provides notification that the last affected system (WinCC 7.0 SP 3) now has an update available to mitigate the vulnerability. Siemens published their update last week.
Advantech Advisory
This advisory describes a buffer overflow vulnerability in the Advantech EKI-1200 MODBUS Gateway product line. The vulnerability was originally reported by Enrique Nissim and Pablo Lorenzzato of the Core Security Engineering Team in a coordinated disclosure. ICS-CERT reports that Advantech has a patch that mitigates the vulnerability but there is no indication that the researchers have validated that fix.
ICS-CERT reports that a relatively unskilled attacker could remotely exploit this vulnerability to execute arbitrary code.
Microsoft Alert
This alert describes a critical security update for the Microsoft Windows operating systems. The JASBUG vulnerability was first reported by four different researchers, including Jeff Schmidt at Global Advisors. Microsoft has produced an update that mitigates the vulnerability, but there is no indication that the researchers have been given the opportunity to verify the efficacy of the update.
ICS-CERT reports that an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

ICS-CERT notes that just processing the update does not fix the vulnerability. Additional actions need to be taken by the system administrator before the fix actually mitigates the vulnerability.

No comments:

/* Use this with templates/template-twocol.html */