Today the DHS ICS-CERT published three control system security advisories for products from Rockwell, Marel, and Schneider.
This advisory describes an improper input validation vulnerability in the Allen-Bradley Stratix and ArmorStratix Industrial Ethernet and Distribution switches. The vulnerability is apparently self-reported. Rockwell has developed compensating controls to mitigate the vulnerability.
ICS-CERT reports that a relatively unskilled attacker could remotely exploit the vulnerability to impact the availability of the target device or to execute arbitrary code with elevated privileges.
This vulnerability is actually found in the Cisco IOS and Cisco IOS XE software used in the Rockwell products. The same vulnerability is found in a number of Cisco switches and possibly switches from other vendors not mentioned in the ICS-CERT advisory.
This advisory describes two vulnerabilities in a variety of Marel Food Processing Systems. The vulnerabilities were reported by Daniel Lance. ICS-CERT reports that Marel has not produced any mitigating measures.
The two reported vulnerabilities are:
• Hard-Coded Passwords, CVE-2016-9358; and
• Unrestricted Upload, CVE-2017-6041
ICS-CERT reports that a relatively unskilled attacker could remotely exploit the vulnerability to gain unauthorized administrative access to affected devices.
This advisory describes a DLL vulnerability in the Schneider Interactive Graphical SCADA System (IGSS) Software. The vulnerability was reported by Karn Ganeshen. Schneider Electric recommends that users upgrade to Windows 10 to mitigate this vulnerability.
ICS-CERT reports that an relatively unskilled attacker could remotely exploit this vulnerability to remotely execute arbitrary code.
The Schneider Security Notification reports that the vulnerability also applies to certain OCX files when using Windows 7®.