Today the DHS ICS-CERT published an industrial control system advisory for products from Hanwha Techwin. The advisory describes two vulnerabilities in the Hanwha Techwin Smart Security Manager. The vulnerabilities were reported by Steven Seeley of Source Incite. Hanwha Techwin has produced a patch to mitigate these vulnerabilities. There is no indication that Seeley has been provided an opportunity to verify the efficacy of the fix.
The two reported vulnerabilities are:
• Path traversal - CVE-2017-5168; and
• Cross-site request forgery - CVE-2017-5169
ICS-CERT only notes that the vulnerabilities are remotely exploitable and reports that a successful exploit could allow an attacker to create an arbitrary file on the server with attacker-controlled data and to gain root shell access.