ICS-CERT published an update to an N-Tron advisory published earlier this year
and two new advisories for products from EasyIO and Endress+Hauser.
N-Tron Update
This update
reports that Red Lion has produced a firmware update that mitigates the
vulnerability and that the researcher who initially reported the vulnerability,
Neil Smith, has verified the efficacy of the fix. It also reports that the new
firmware allows the end user to upload unique keys/certificates to the unit,
which required a rewrite of the user manual. The new manual is available here.
NOTE: This update is not on the main ICS-CERT web page, so
unless you follow @ICSCERT on Twitter
(or, of course, read this blog) you would not know about this update.
EasyIO Advisory
This advisory
describes a hard-coded credential vulnerability in the EasyIO-30P-SF controller.
The vulnerability was reported by Maxim Rupp. EasyIO has produced a patch that
mitigates the vulnerability and Rupp has verified the efficacy of the fix. This
advisory was originally released on the US-CERT Secure Portal on August 25th
and is probably one of the advisories on that Portal that I reported on earlier
this month.
ICS-CERT notes that this controller is “used in a number of
DDC systems worldwide”. With this in mind, a supplement
has been issued to this advisory that lists a number of the OEM partners (and
their devices) that are affected by this vulnerability. It also lists the separate
actions taken by those partners to mitigate this vulnerability.
ICS-CERT reports that a relatively low-skilled attacker
could remotely exploit this vulnerability to gain complete access to the
controller.
Endress+Hauser Advisory
This advisory
describes an XML code injection vulnerability in Endress+Hauser FieldCare used
in conjunction with CodeWright HART Comm DTM. The vulnerability was reported by
Alexander Bolshev of Digital Security. Endress+Hauser and CodeWright have each
produced updates that work together to mitigate this vulnerability. Bolshev has
verified the efficacy of the fix.
ICS-CERT reports that a relatively low-skilled attacker on
an adjacent network that receives HART DTM packets could exploit this vulnerability.
Question: How many other device manufacturers have a similar
problem that would interact with the CodeWright HART Comm DTM to produce the
same vulnerability? I am afraid that there is nothing in this advisory that
would allow anyone to answer that question with any accuracy.