Friday, January 23, 2015

ICS-CERT Publishes Advisory and TIP

Yesterday the DHS ICS-CERT published an advisory for a vulnerability in a Siemens system and a tip about best practices for continuity of operations.

Siemens Advisory

This advisory describes an open redirect vulnerability in the Siemens SIMATIC S7-1200 CPU family. The vulnerability was reported to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Br├╝ggemann from OpenSource Training. Siemens has provided an update that mitigates this vulnerability, but there is no indication that the researchers have verified the efficacy of the fix.

ICS-CERT reports that a moderately skilled attacker could remotely exploit this vulnerability to redirect users to a malicious web site. The exploit would require a social engineering attack.

BTW: Still no mention of the Siemens NTP vulnerability.

Continuity TIP

This document provides a rather extensive list of things to ensure the survivability of a network from a malicious intrusion. This looks to be more targeted at IT and network systems than specifically directed at control system security.

I did not see anything new or earth shattering, nor is anything described in the detail necessary for someone that doesn’t already understand this stuff to implement. This may, however, provide a basic check list for managers to use to question their cybersecurity folks on the status of their security processes.

No comments:

/* Use this with templates/template-twocol.html */