Yesterday the DHS ICS-CERT published three control system
security advisories for products from Advantech, Intel and Vecna. They
published a medical device security advisory for products from Becton,
Dickinson and Company (BD). They also updated two control system security
advisories previously published for products from Siemens. I have previously
reported these two updates (here
and here).
Advantech Advisory
This advisory
describes three vulnerabilities in the Advantech WebAccess HMI Designer. The
vulnerabilities were reported by Steven Seeley of Source Incite through the Zero
Day Initiative. No mitigation measures have yet been provided.
The three reported vulnerabilities are:
• Heap-based buffer overflow - CVE-2018-8833;
• Double free - CVE-2018-8835; and
• Out-of-bounds write - CVE-2018-8837
ICS-CERT reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to execute arbitrary
code.
Intel Advisory
This advisory
describes a classic buffer overflow vulnerability in the Intel 2G modem
products. The vulnerability was reported by Dr. Ralph Phillip Weinmann and Dr.
Nico Golde from Comsecuris. Intel is making firmware updates available to
device manufacturers that protect systems from this vulnerability. There is no
indication that the researchers have been provided an opportunity to verify the
efficacy of the fix.
The Intel
advisory notes that: “The vulnerability affects Intel® 2G Modem products
where the Earthquake Tsunami Warning System (ETWS) feature is enabled in Modem
firmware.”
ICS-CERT reports that an uncharacterized attacker could
remotely exploit this vulnerability to allow remote code execution.
It will be interesting to see if ICS-CERT provides us a list
of the affected vendors as they update their products with the new Intel
firmware. Given that this is Intel, I suspect that the list of affected vendors
could be extensive.
Vecna Advisory
This advisory
describes two vulnerabilities in the Vecna VGo Robot, a mobile robotic
assistant. The vulnerabilities were reported by Dan Regalado from Zingbox. Vecna
has released an update that mitigates the vulnerabilities. There are no
indications that Regalado has been provided an opportunity to verify the
efficacy of the fix.
The two reported vulnerabilities are:
• OS command injection - CVE-2018-8866; and
• Clear transmission of sensitive information - CVE-2018-8860
ICS-CERT reports that a relatively low-skilled attacker on
an adjacent network could exploit these vulnerabilities to capture firmware
updates from network traffic and to execute code remotely.
BD Advisory
This advisory
describes the KRACK vulnerabilities
in the BD Pyxis Products. BD is reporting being affected by 9 of the 10
reported KRACK vulnerabilities (not reporting CVE-2017-13084: Reinstallation
of the STK key in the PeerKey handshake). BD has implemented third-party vendor
patches through BD's routine patch deployment process that resolve these
vulnerabilities for most devices. The BD
advisory notes that for three of the affected products coordination with
customers is necessary to properly deploy patches and that BD is contacting the
affected customers.
SIMATIC Update
This update
provides new information on an advisory that was originally
published on March 29th, 2018. The update provides new affected
version information and mitigation measures for SIMATIC BATCH V8.0 and V8.1.
SCALANCE Update
This update
provides new information on an advisory that was originally
published on November 14th, 2017 and updated on December 5th, 2017,
December 19th, 2017 and again on January 25th, 2018. The update provides
new affected version information and mitigation measures for SCALANCE W1750D.