Today the DHS ICS-CERT published two control system security
advisories for products from Advantech and Delta Electronics. It also updated a
previously published advisory for products from Siemens
Advantech Advisory
This advisory describes
multiple vulnerabilities in the Advantech WebAccess products. The vulnerabilities
were reported by Steven Seeley of Offensive Security, Zhou Yu and Andrea
Micalizzi working with the Zero Day Initiative, and Michael Deplante. Advantech
has released a new version that mitigates the vulnerabilities. There is no
indication that any of the researchers were provided an opportunity to verify
the efficacy of the fix.
The five reported vulnerabilities are:
• Untrusted pointer deference - CVE-2017-16728;
• Stack-based buffer overflow - CVE-2017-16724;
• Path traversal - CVE-2017-1672;
• SQL injection - CVE-2017-16716;
and
• Improper input validation - CVE-2017-16753
ICS-CERT reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to cause the device to crash, remotely
execute arbitrary code or bypass authentication.
Delta Advisory
This advisory describes
multiple vulnerabilities in the Delta Industrial Automation Screen Editor. The
vulnerabilities were reported by Steven Seeley of Source Incite. The affected
product has been discontinued and Delta recommends upgrading to DOPSoft,
Version 2. There is no indication that Seeley has verified the efficacy of the
fix.
The three reported vulnerabilities are:
• Stack-based buffer overflow - CVE-2017-16751;
• Use after free - CVE-2017-16749;
and
• Out-of-bounds write - CVE-2017-16747
ICS-CERT reports that a relatively low-skilled attacker with
uncharacterized access could exploit the vulnerability to remotely execute
arbitrary code.
Siemens Update
This update provides
new information on an advisory that was was originally
published on July 6th, 2017, and updated
on July 18th, on July
28th, on October
10th, and then again on November
30th. Siemens is providing updated version information and
mitigation measures for their SIPROTEC 7UT686.
NOTE: This is the update that I
mentioned last Saturday.
Posts
No comments:
Post a Comment