Wednesday, June 8, 2011

DHS ICS-CERT Updates Samsung Advisory

This morning the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) updated the advisory that they issued on May 26th for an SQL injection vulnerability in the Samsung Data Management Server (DMS). The update changes the method that owners/users should follow to update their system to mitigate this vulnerability.

The new instructions state:

“1. Contact Samsung via the e-mail address that is posted at the following Internet address: http://wwwdvmcare.com/SRM/dms/download.html.

“2. Samsung will then either update the DMS installation remotely or dispatch a Samsung service engineer directly to the installation site to apply the patch, depending on customer preference.”

So much for air-gapped control systems. CFATS facilities that have a Samsung DMS as part of their critical areas list need to remember that remote access to computers is unaccompanied access and is thus governed by personnel surety rules. Have fun assuring that the person who is actually doing this update is properly vetted and cleared.

BTW: This is the 'B' version of the advisory but I cannot find a copy of the 'A' version on the ICS-CERT site. The original version had no letters.
