Today the DHS ICS-CERT updated a two-month old HeartBleed advisory for the ABB 650 Series application and issued a new buffer overflow advisory for Yokogawa Centum products. Yokogawa also updated an earlier advisory that has not yet been noticed by ICS-CERT.

ABB HeartBleed Update

This advisory update provides notice that ABB has produced a maintenance release (available through customer service) that mitigates the OpenSSL bug in the 650 Series application.

ABB has also updated their Cyber Security Advisory for the HeartBleed bug in their equipment. Interestingly, the ABB published advisory can't make up its mind (at the top of page 2) whether the CVSS score is 5.0 or 4.8 (not that there is much difference). ICS-CERT reports a score of 5.0.

Yokogawa Advisory

This advisory reports a single stack buffer overflow vulnerability in Yokogawa Centum products that was reported by Rapid7 in a coordinated disclosure. Yokogawa has produced a patch that mitigates the vulnerability, but there is no indication in the advisory that Rapid7 has been able to verify the efficacy of the patch.

ICS-CERT reports that a moderately skilled attacker could remotely exploit this vulnerability to execute arbitrary code. Yokogawa reports that the vulnerability is only accessible when the Expanded Test Functions Package is in use.

A Yokogawa Update

While following the ICS-CERT link to the Yokogawa report referenced above, I noticed that the Company had also updated an earlier report about four buffer overflow vulnerabilities reported earlier. I don't know why ICS-CERT is reporting on the update (yet?).

The new data in this update is found in the Table 1 list of affected products and fixes. It reports a newer patch for the CENTUM 3000, CENTUM VP, and Exaopc Server products that addresses both the earlier vulnerabilities and the one reported by ICS-CERT today. It also reports that earlier versions of ProSafe-RS that were previously reported as having no patches available may now be corrected.