Yesterday the DHS ICS-CERT published an advisory for
a vulnerability in a Siemens system and a tip about best practices for
continuity of operations.
Siemens
Advisory
This advisory
describes an open redirect vulnerability in the Siemens SIMATIC S7-1200 CPU
family. The vulnerability was reported to Siemens by Ralf Spenneberg, Hendrik
Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has provided
an update that mitigates this vulnerability, but there is no indication that
the researchers have verified the efficacy of the fix.
ICS-CERT reports that a moderately skilled attacker
could remotely exploit this vulnerability to redirect users to a malicious web
site. The exploit would require a social engineering attack.
BTW: Still no mention of the Siemens
NTP vulnerability.
Continuity
TIP
This document
provides a rather extensive list of things to ensure the survivability of a
network from a malicious intrusion. This looks to be more targeted at IT and
network systems than specifically directed at control system security.
I did not see anything new or earth shattering, nor
is anything described in the detail necessary for someone that doesn’t already
understand this stuff to implement. This may, however, provide a basic check
list for managers to use to question their cybersecurity folks on the status of
their security processes.
Posts
No comments:
Post a Comment