Saturday, May 7, 2011

ICS-CERT Publishes Two New Advisories

Yesterday the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) published two new control system advisories on its web site for systems from 7-Technologies (7T) and Samsung.

7T Advisory Addresses Multiple Vulnerabilities

Apparently inspired by the multiple vulnerability discoveries of Luigi, Joel Langill (a frequent reader of this blog) took a detailed look at the 7T IGSS SCADA system and discovered 8 new vulnerabilities in addition to the 8 previously discovered by Luigi. The vulnerabilities, exploitable by a moderately skilled attacker, included:

• Stack-based buffer overflows;

• Path traversal;

• String formatting; and

• Local arbitrary code execution (dc.exe).

7T has publicly addressed the discovery of these vulnerabilities and has already published a patch; ICS-CERT has verified that the patch addresses the identified vulnerabilities.

Samsung Vulnerability

The Samsung DMS software identified in the second ICS-CERT advisory will not be used to manufacture chemical products since it is used to control air conditioning systems. As such, it could be used to effect a chemical attack on personnel in a building using this system. Using an SQL injection attack, a low to moderately skilled attacker can bypass authentication and gain administrative privileges on the system.

In addition to applying the update available on the Samsung web site, ICS-CERT recommends the implementation of firewall rules to limit network access to the DMS system on Port 80/TCP.
