This afternoon the DHS ICS-CERT published their 15th
advisory for a Crain-Sistrunk-identified improper input validation
vulnerability. This one was for the Orion Master and Slave modules from
NovaTech. NovaTech has produced a firmware update that Crain-Sistrunk have
verified mitigates the identified vulnerability.
As is typical for this series of advisories, ICS-CERT
reports that there are twin vulnerabilities: one affecting IP communications
and the other affecting serial communications. The advisory notes that a
moderately skilled attacker could remotely exploit the IP vulnerability to
execute a denial of service attack. A higher attacker skillset, according to
ICS-CERT, would be required to exploit the serial communications vulnerability
because either physical access would be required or a social engineering attack
would have to be included in the exploit.
While I am not an electrical transmission system engineer,
the discussions I’ve seen about the serial communications vulnerability would
seem to indicate that certain non-technical skills (cutting a fence or climbing
a ladder) would be required to gain physical access to the slave devices; the
level of technical skill required to plug in a serial cable is quite low.
BTW, according to the count on the Project Robus web site there are
still 10 (or maybe 11, Adam Crain may have lost count of the vulnerable
systems) vulnerability reports wending their way through the coordinated
disclosure system for nearly identical vulnerabilities. There probably would be
more, but Crain-Sistrunk (and now Todorski) have moved on to bigger and better
discoveries. Besides, no one wants to catalog all of the systems that are
vulnerable because they are based upon a vulnerable library from Triangle
Microworks.