We have two new vendor security advisories this week from
Schneider and Siemens. Siemens also published an update to their ultrasound
products notice for the WannaCry vulnerability. I
mentioned the Siemens advisory and update in passing earlier this week.
Schneider Advisory
This advisory
describes 11 vulnerabilities in the Pelco Sarix Professional fixed IP video surveillance
cameras. The vulnerabilities were variously reported by Deng Yongkai of NSFOCUS
Security Team, Melih Berk Eksioglu of Biznet Bilisim A.S., and Gjoko Krstic of
Zero Science Labs. Schneider has a new firmware version that mitigates the
vulnerabilities. There is no indication that any of the researchers have been
provided an opportunity to verify the efficacy of the fix.
The reported vulnerabilities include:
• Information disclosure - CVE-2018-7227;
• Authentication bypass (3) - CVE-2018-7228,
CVE-2018-7229, and CVE-2018-7236;
• XML external entity vulnerability
- CVE-2018-7230;
• Command execution vulnerability (4)
- CVE-2018-7231, CVE-2018-7232, CVE-2018-7233, and CVE-2018-7235;
• Arbitrary file download - CVE-2018-7234;
and
• Arbitrary file delete - CVE-2018-7237
ICS-CERT has published some surveillance camera security
advisories, but it has been hit and miss. My coverage here has also been hit
and miss since I lost (paid) access to the IPVM web
site; they are certainly the best information source for vulnerability information
(and lots of other information) on video systems. Since Schneider owns Pelco,
there will be specific coverage in these weekly posts as appropriate since
Schneider publishes a list of advisories as they are issued. That does not mean
that other video systems are vulnerability free, just that I have not seen
their reports.
Siemens Advisory
This advisory
describes 8 vulnerabilities in the Siemens SIMATIC industrial PCs. The
vulnerabilities are due to the presence of one or more of three Intel products
in the PCs; Intel reported
on these vulnerabilities back in November, 2017. Siemens has identified a
generic work around for the vulnerabilities and there is no indication that
further mitigations are in the works.
The reported vulnerabilities include:
• Buffer overflow (5) - CVE-2017-5705,
CVE-2017-5706, CVE-2017-5707, CVE-2017-5711, and CVE-2017-5712; and
• Privilege escalation (3) - CVE-2017-5708,
y CVE-2017-5709, and CVE-2017-5710;
The underlying Intel problems are wide spread and relatively
serious. The Siemens advisory does not comment on the Intel mitigation measures
(required dual firmware and software updates) nor the Intel detection tool. I wonder if
they are still checking to see if those mitigations are compatible with their
products or whether they are working on updates that will work with the Intel
mitigation measures. It is not like Siemens not to provide this type of
information.
Siemens Update
This update
describes new mitigation information for the WannaCry vulnerability in the
Siemens Healthineers ultrasound products. Technically, this update was included
(but certainly not mentioned) in the latest ICS-CERT update of their WannaCry
Alert (dated June 13th, 2017) since the link for this product
line automatically takes one to the latest version.
Posts
No comments:
Post a Comment