Earlier today the DHS ICS-CERT published three new control
system security advisories for products from Meinberg, Unitronics, and
Rockwell.
Meinberg Advisory
This advisory
describes multiple vulnerabilities in the Meinberg NTP Time Servers Interface. The
vulnerabilities were reported by Ryan Wincey. Meinberg has produced a new
version that mitigates the vulnerabilities. ICS-CERT reports that Wincey has
verified the efficacy of the fix.
The vulnerabilities include:
• Twin stack-based buffer overflows - CVE-2016-3962 and CVE-2016-3988; and
• Privilege escalation - CVE-2016-3989
ICS-CERT reports that a relatively low skilled attacker
could remotely exploit these vulnerabilities to cause a buffer overflow
condition that may allow escalation to root privileges.
Unitronics Advisory
This advisory
describes a stack-based overflow vulnerability in the Unitronics VisiLogic
product. The vulnerability was reported by Steven Seeley of Source Incite via
ZDI. Unitronics has produced a new version that mitigates the vulnerability. There
is no indication that Seeley has been given an opportunity to verify the
efficacy of the fix.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit the vulnerability to execute arbitrary code.
The Unitronics CERT Compliance page
reports that the vulnerability is in the 'Xceed Zip Compression Library' (XceedZip.dll),
a third-party component from Xceed. Unitronics upgraded to
version 6.5.16068.0 in their updated version.
NOTE: Once again a vulnerability in a third-party
library raises the question of which other control system programs are using the
vulnerable version of this .DLL.
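One way to start answering that question on a given engineering workstation is to inventory every copy of XceedZip.dll on disk and compare its file version against the one Unitronics shipped. The script below is an added example, not code from this blog, from Unitronics, or from ICS-CERT. It walks a directory tree, pulls the four-part file version straight out of the PE version resource (the VS_FIXEDFILEINFO block that begins with the signature 0xFEEF04BD), and flags any copy older than 6.5.16068.0. Treating every older copy as "review" is an assumption made here for triage; the advisory text summarized above does not list which earlier versions are affected, so a flagged file means "check it against the vendor's bulletin", not "confirmed vulnerable".

```python
import os
import struct
from typing import Iterator, Optional, Tuple

Version = Tuple[int, int, int, int]

# Version Unitronics reports shipping in the fixed VisiLogic (from the advisory summary).
PATCHED_XCEEDZIP_VERSION: Version = (6, 5, 16068, 0)

# VS_FIXEDFILEINFO begins with dwSignature = 0xFEEF04BD, stored little-endian on disk.
_VS_FIXEDFILEINFO_SIGNATURE = b"\xbd\x04\xef\xfe"


def parse_file_version(data: bytes) -> Optional[Version]:
    """Extract the file version from a PE image's VS_FIXEDFILEINFO block.

    Layout (Windows SDK verrsrc.h):
      offset 0   dwSignature      (0xFEEF04BD)
      offset 4   dwStrucVersion
      offset 8   dwFileVersionMS  (major << 16 | minor)
      offset 12  dwFileVersionLS  (build << 16 | revision)
    Returns None when no version resource is present.
    """
    idx = data.find(_VS_FIXEDFILEINFO_SIGNATURE)
    if idx < 0 or idx + 16 > len(data):
        return None
    ms, ls = struct.unpack_from("<II", data, idx + 8)
    return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)


def version_string(version: Version) -> str:
    """Render a version tuple the way Explorer's Properties dialog shows it."""
    return ".".join(str(part) for part in version)


def classify(version: Optional[Version], patched: Version = PATCHED_XCEEDZIP_VERSION) -> str:
    """Triage verdict. Assumption: anything older than the shipped fix needs review."""
    if version is None:
        return "unknown"  # no version resource found; inspect the file by hand
    return "review" if version < patched else "at-or-above-fixed"


def scan_for_dll(root: str, dll_name: str = "XceedZip.dll") -> Iterator[Tuple[str, Optional[Version], str]]:
    """Yield (path, version, verdict) for every copy of dll_name under root."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() != dll_name.lower():
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    version = parse_file_version(fh.read())
            except OSError:
                version = None  # unreadable (locked, permissions); report as unknown
            yield path, version, classify(version)


def build_fake_version_blob(version: Version) -> bytes:
    """Constructed test fixture: bytes carrying a VS_FIXEDFILEINFO block with the given
    version. Not a valid PE, just enough structure for parse_file_version to read."""
    major, minor, build, revision = version
    ms = (major << 16) | minor
    ls = (build << 16) | revision
    return (
        b"MZ" + b"\x00" * 62
        + _VS_FIXEDFILEINFO_SIGNATURE
        + struct.pack("<I", 0x00010000)   # dwStrucVersion
        + struct.pack("<II", ms, ls)      # dwFileVersionMS, dwFileVersionLS
        + b"\x00" * 40
    )


if __name__ == "__main__":
    import sys
    # Hypothetical default root; pass the directory to scan as the first argument.
    scan_root = sys.argv[1] if len(sys.argv) > 1 else r"C:\Program Files (x86)"
    for path, ver, verdict in scan_for_dll(scan_root):
        shown = version_string(ver) if ver else "?"
        print(f"{verdict:18} {shown:16} {path}")
```

Run it against each root where control system software is installed (and any application folders on removable media used to move projects between machines), since one machine can carry several copies of the library bundled with different products. The parser reads only the first version block it finds; for a DLL that embeds more than one, confirm the result with the file's Properties dialog.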
Rockwell Advisory
This advisory
describes a resource management vulnerability in the Rockwell Allen-Bradley
Stratix 5400 and Allen-Bradley Stratix 5410 industrial networking switches. The
vulnerability is apparently self-reported.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit the vulnerability to impact traffic (or packets) transiting
the affected device.