Wednesday, June 13, 2018

ICS-CERT Publishes 2 Advisories and Updates 3 Siemens Advisories


Yesterday the DHS ICS-CERT published two control system security advisories for products from Siemens and Schneider. It also updated three control system security advisories for products from Siemens.

BTW: I discussed the Schneider advisory Saturday.

Siemens Advisory


This advisory describes two cross-site scripting vulnerabilities in the Siemens SCALANCE X switches. The vulnerabilities were reported by Marius Rothenb├╝cher and Ali Abbas. Siemens has provided updates that mitigate the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

ICS-CERT reports that a highly-skilled attacker could remotely exploit the vulnerability to to store script code on the website and execute cross-site scripting (XSS), affecting the website’s confidentiality, integrity, and availability. The Siemens advisory notes that one of the vulnerabilities requires the attacker to log into the web application, but the other can be exploited via a social engineering attack.

Schneider Advisory


This advisory describes four vulnerabilities in the Schneider U.motion Builder. The vulnerabilities were reported by Wei Gao of Ixia and bigric3@360A-TEAM. Schneider has a firmware patch that mitigates the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

The four reported vulnerabilities are:

• Stack-based buffer overflow - CVE-2018-7784;
• OS command injection - CVE-2018-7785;
• Cross-site scripting - CVE-2018-7786; and
Improper input validation - CVE-2018-7787

ICS-CERT reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to allow for remote code execution.

SIMATIC Update


This update provides new information on an advisory that was originally published on February 14th, 2017 and updated on June 15th, on July 6th and again on November 31st, 2018. The update corrects the version affected data for PCS 7.


SIMATIC PCS7 Update


This update provides new information on an advisory that was originally published on November 2nd, 2018. The update corrects the affected version data for PCS 7 v8.2 and provides information about the update available to mitigate the vulnerability.

SIMATIC WinCC Update


This update provides new information on an advisory that was originally published on March 29th, 2018 and updated on April 24th, 2018. The update corrects the affected version data for PCS 7 v8.2 and provides information about the update available to mitigate the vulnerability. In both this and the previous update, the new service pack for PCS 7 v8.2 is available from ‘local support’.

NOTE: Siemens announced a total of 5 new advisories and 5 updates yesterday. I expect that we will see the remainder Thursday.

No comments:

 
/* Use this with templates/template-twocol.html */