This afternoon the DHS ICS-CERT published two new advisories
for industrial control system vulnerabilities in specific equipment from
Schneider and Emerson.
Schneider Advisory
This advisory
describes a stack-based buffer overflow vulnerability in the Wonderware InTouch
Access Anywhere Server product that was apparently self-identified. Schneider
has a product security update that mitigates the vulnerability.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit this vulnerability to execute arbitrary code. If Schneider has
any additional information about this vulnerability they are restricting access
to that information to just customers. Okay, I don’t really blame them, but it
sure makes writing about the vulnerability difficult.
Emerson Advisory
This advisory
describes an improper input vulnerability in the CodeWrights HART Device Type
Manager (DTM) library utilized in Emerson’s HART DTM reported by Alexander
Bolshev in a coordinated disclosure.
CodeWrights has produced a new library that Emerson has verified
mitigates the vulnerability. ICS-CERT and Emerson both claim that this
vulnerability does not affect field devices or WirelessHART devices.
ICS-CERT reports that physical access to the HART loop is
required to exploit this vulnerability, but they also report that exploits are
publicly available (see 2014 BlackHat presentation
by Bolshev). This leads to Emerson’s mitigation recommendation: in
addition to updating the HART DTM, Emerson recommends having physical
protection of the end users’ entire infrastructure.
Emerson has a neat little side comment in their
discussion about updating the HART DTM that apparently ICS-CERT overlooked.
Emerson reported that: “Note: This updated DTM will NOT fix other vendors DTMs
affected by this issue.” One assumes that Emerson expects that other vendors
are also using similar DTM libraries. That might have been something good for
ICS-CERT to mention.