Friday, March 23, 2018

ICS-CERT Publishes 2 Advisories and Siemens Update


Yesterday the DHS ICS-CERT published two control system security advisories for products from Beckhoff and Siemens. They also updated a previously published advisory for products from Siemens. The two Siemens products were mentioned in a previous blog post.

Beckhoff Advisory


This advisory describes an untrusted pointer dereference vulnerability in the Beckhoff TwinCAT PLC products. The vulnerability was reported by Steven Seeley of Source Incite. According to the Beckhoff security advisory, the company has updates available that mitigate the vulnerability. There is no indication that Seeley has been provided an opportunity to verify the efficacy of the fix.

ICS-CERT reports that a relatively low-skilled attacker with uncharacterized access could exploit the vulnerability to escalate privileges. ICS-CERT reports that Matlab modules need to be recompiled after updating.

Siemens Advisory


This advisory describes an improper access control vulnerability in the Siemens SIMATIC WinCC OA UI mobile app. The vulnerability was reported by Alexander Bolshev from IOActive, and Ivan Yushkevich from Embedi. Siemens has updates available that mitigate the vulnerability. There is no indication that the researchers have verified the efficacy of the fix.

ICS-CERT reports that an uncharacterized attacker on an adjacent network could exploit the vulnerability to read and write data from and to the app’s project cache folder. The Siemens security advisory notes that a social engineering attack is required to convince the App user to connect to an attacker-controlled WinCC OA server

Siemens Update


This update provides new information on an advisory that was originally published on January 25th, 2018 and updated on February 6th. The update removes a product from the affected product list.

No comments:

 
/* Use this with templates/template-twocol.html */