Today the DHS ICS-CERT published a control system security advisory for
Schneider Modicon PLCs. The advisory describes two vulnerabilities that were
reported by Eran Goldstein of CRITIFENCE. These are not the vulnerabilities
that I briefly described on Saturday. Schneider has developed compensating
controls to mitigate these vulnerabilities. There is no indication that
Goldstein was provided
the opportunity to verify the efficacy of the fix. There are no indications
that Schneider intends to produce a more permanent fix to these
vulnerabilities.
The two reported vulnerabilities are:
• Authentication Bypass by Capture-Replay - CVE-2017-6034; and
• Violation of Secure Design Principles - CVE-2017-6032
ICS-CERT reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to capture and replay sensitive
commands to PLCs on a network using the Modicon Modbus protocol.
The Schneider security notification also mentions that the SCADA/ICS Cyber
Threats Research Group contributed to the identification of these
vulnerabilities.