Today the DHS ICS-CERT published two control system security
advisories for products from Schneider Electric and WAGO.
Schneider Advisory
This advisory
describes a security misconfiguration vulnerability in the Schneider IGSS SCADA
software. The vulnerability was reported by Ivan Sanchez of Nullcode. Schneider
has developed a new version that mitigates the vulnerability. There is no
indication that Sanchez has been provided an opportunity to verify the efficacy
of the fix.
ICS-CERT reports that a relatively highly skilled attacker
with local access could exploit the vulnerability to cause a crash or execute
arbitrary code.
WAGO Advisory
This advisory
describes an improper authentication vulnerability in the WAGO PFC200 Series.
The firmware is vulnerable because of a flaw in the CoDeSys Runtime
that is included in that firmware. The CoDeSys Runtime vulnerability was reported
by Reid Wightman in 2012 and was addressed
by ICS-CERT in 2013. The vulnerability was reported in this WAGO product by
SEC Consult. NOTE: ICS-CERT published
an alert about this vulnerability last December.