Today the DHS ICS-CERT published two control system security advisories for products from Siemens and Moxa.
Siemens Advisory
This advisory describes multiple vulnerabilities in Siemens SICAM RTU products. The vulnerabilities were reported by SEC Consult Vulnerability Lab. Siemens is recommending that the web server be disabled after system commissioning to mitigate the vulnerabilities in current versions.
The three vulnerabilities reported are:
• Missing authentication for critical function - CVE-2017-12737;
• Improper neutralization of input during web page generation - CVE-2017-12738; and
• Improper control of generation of code - CVE-2017-12739
ICS-CERT reports that a relatively low-skilled attacker could remotely exploit the vulnerability using a publicly available exploit to execute arbitrary code. The Siemens security advisory notes that network access to the affected devices is required.
Moxa Advisory
This advisory describes multiple vulnerabilities in the Moxa NPort serial network interface products. The vulnerabilities were reported by Florian Adamsky. Moxa has a new firmware version that mitigates the vulnerabilities. There is no indication that Adamsky has been provided an opportunity to verify the efficacy of the fix.
The three vulnerabilities reported are:
• Improper neutralization of special elements in output used by downstream component - CVE-2017-16719;
• Information exposure - CVE-2017-16715; and
• Uncontrolled resource consumption - CVE-2017-14028