Today the DHS ICS-CERT published new advisories for products
from Cogent and Triangle MicroWorks (TMW). Both advisories are based upon
coordinated disclosures.
Cogent Advisory
This advisory
addresses multiple vulnerabilities in the Cogent DataHub. The vulnerabilities
were reported by Alain Homewood. Cogent has produced a new version of the
application that addresses three of the four identified vulnerabilities and ICS-CERT
reports that Homewood has verified the efficacy of the mitigation measures for
those vulnerabilities.
The vulnerabilities are:
• Reflected cross-site scripting, CVE-2014-72038;
• Directory traversal, CVE-2014-59156;
• Password hash with insufficient
computational effort, CVE-2014-32537; and
• Many known vulnerabilities in
OpenSSL version 1.0.0D.
ICS-CERT reports that a low to moderately skilled attacker
could exploit these vulnerabilities (three of them remotely) with a variety of
potential effects. The new version does not address the third vulnerability
listed above; Cogent advises that they do not plan to address this
vulnerability due to “compatibility issues with existing systems”. They explain
(and Homewood agrees according to the advisory) that an adequately strong
password will be an effective mitigation of this vulnerability.
Triangle MicroWorks
Advisory
This advisory
addresses Crain-Sistrunk DNP3 vulnerabilities in TMW SCADA Data Gateway. It
addresses the two standard vulnerabilities in serial and IP communications. In
fact the wording of this advisory is nearly identical with an
ICS-CERT advisory published last fall that covered both the devices
included in this advisory as well as TMW’s DNP3 Source Code libraries.
Interestingly this advisory points us at a TMW
document that documents the changes that are referenced in this advisory.
Unfortunately, that document only reports the changes that were made last fall
in response to the earlier advisory. Something odd is going on here and what it
is isn’t clear from the ICS-CERT advisory.
BTW: The Project Robus web page does not yet
list this second TMW advisory. Looking at their tally it would seem that we
still have seven more Crain-Sistrunk advisories to be published by ICS-CERT.
Posts
No comments:
Post a Comment