The DHS ICS-CERT just released their second alert in less than a week for another ActiveX control, this time in the Mitsubishi MC-WorkX Suite, another SCADA/HMI application. Further pushing the similarities with the previous alert, ICS-CERT again failed to give Blake credit for the discovery of this vulnerability (two thumbs down). ICS-CERT does get credit for publishing faster: this uncoordinated disclosure was made yesterday on Exploit-DB.com (one thumb up).
ICS-CERT notes that this vulnerability is reportedly remotely exploitable and could result in arbitrary code execution.
Looking at Blake's history on Exploit-DB it looks like he has come back to hackery after a hiatus of some sort. He seems to have a penchant for ActiveX vulnerabilities, though he is certainly more versatile than just that. It does seem that he has just started targeting control systems. I wonder how many more ActiveX vulnerabilities he will be reporting?
BTW: Can someone answer a question about ActiveX controls for me? Is it possible that we could see the same control in multiple applications? And, if it is vulnerable in one, will it be vulnerable in the others?
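The question above turns on how ActiveX controls are packaged: a control is a COM component registered once under its CLSID, and every application that hosts that CLSID loads the same DLL, so the control (and any flaw in its code) is shared by all of them. The script below is an added example, not from the original post or from ICS-CERT, that a Windows administrator can run to see where a given CLSID is registered, which file implements it, whether it advertises itself as safe for scripting, and whether the Internet Explorer kill bit (Compatibility Flags 0x400) is set. The CLSID value is a placeholder; the alert's own CLSID is not on this page and must be substituted.

```powershell
# Added example (not the original post's or ICS-CERT's code): inspect one ActiveX
# control's registration and kill-bit status. The CLSID below is a placeholder.
param(
    [string]$Clsid = '{00000000-0000-0000-0000-000000000000}'   # placeholder, replace with the advisory's CLSID
)

# Component category GUIDs that mark a control as safe for scripting / initialization
$CatSafeForScripting    = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
$CatSafeForInitializing = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'

# A 32-bit control on 64-bit Windows registers under WOW6432Node, so check both views
$clsidKeys = @(
    "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid",
    "Registry::HKEY_CLASSES_ROOT\WOW6432Node\CLSID\$Clsid"
)

$found = $false
foreach ($key in $clsidKeys) {
    if (-not (Test-Path $key)) { continue }
    $found = $true
    $name   = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'(default)'
    $server = (Get-ItemProperty -Path "$key\InprocServer32" -ErrorAction SilentlyContinue).'(default)'

    Write-Output "Registered at : $key"
    Write-Output "  Name        : $name"
    Write-Output "  DLL         : $server"

    # Version info identifies the exact build, which is what an advisory's affected-version list refers to
    if ($server -and (Test-Path $server)) {
        $vi = (Get-Item $server).VersionInfo
        Write-Output "  File version: $($vi.FileVersion) ($($vi.CompanyName))"
    }

    # These category keys mean the control declares itself loadable from a web page
    $safeScript = Test-Path "$key\Implemented Categories\$CatSafeForScripting"
    $safeInit   = Test-Path "$key\Implemented Categories\$CatSafeForInitializing"
    Write-Output "  SafeForScripting: $safeScript   SafeForInitializing: $safeInit"
}

if (-not $found) {
    Write-Output "CLSID $Clsid is not registered on this machine."
}

# Kill bit: IE (and other hosts that honour the ActiveX Compatibility list) refuse to
# instantiate a CLSID whose Compatibility Flags value has bit 0x400 set.
$killBitKeys = @(
    "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid",
    "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
)

foreach ($kb in $killBitKeys) {
    if (-not (Test-Path $kb)) {
        Write-Output "No kill bit entry at $kb"
        continue
    }
    $flags  = (Get-ItemProperty -Path $kb -ErrorAction SilentlyContinue).'Compatibility Flags'
    $killed = ($flags -band 0x400) -ne 0
    Write-Output ("Kill bit at {0}: {1} (Compatibility Flags = 0x{2:X})" -f $kb, $killed, [int]$flags)
}
```

Run it as an administrator with the CLSID from the advisory. Because the registration is keyed by CLSID rather than by the application that installed it, the DLL path it reports is the single file every host on that machine loads; the kill bit is the vendor-independent mitigation for browser-hosted instantiation while waiting for a fixed build, and it applies no matter which application shipped the control.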