Yesterday afternoon the DHS ICS-CERT updated two earlier
advisories for Schneider systems and referenced a third in both of those
updates. The earlier advisories addressed:
• Schneider Electric Quantum Ethernet Module Hard-Coded Credentials - ICSA-12-018-01;
• Schneider Electric PLCS Multiple Vulnerabilities – ICSA-13-077-01A; and
• Schneider Electric Multiple Vulnerabilities – ICS-ALERT-13-016-01A.
Ethernet Module Firmware Updates
In addition to the earlier mitigations developed by Schneider,
the revised advisory reports that two new firmware updates are now available
for 140NOE77101 and 140NOE77111.
The updated advisory does not say whether the original researcher, Rubén
Santamarta, has been given an opportunity to verify the efficacy of the
updates.
There are still unmitigated vulnerabilities in this advisory.
PLC Updates
The updated advisory notes that Schneider has developed a
patch for HTTP and FTP services that allows HTTP to be disabled on certain
modules. The link for these patches is a generic link that takes one to the
Schneider site with no immediately apparent method to find the patches.
Schneider still hasn’t produced a patch for the vulnerabilities in the Modicon
M340 or Premium PLCs.
Once again there is no indication in the updated advisory
that the researcher, Arthur Gervais, has had a chance to verify the efficacy of
the patches.