Today the DHS ICS-CERT published a control system security
advisory for Rockwell Allen-Bradley Stratix 5950 security appliances. The advisory
describes five vulnerabilities in software from the Cisco Adaptive Security
Appliance which Rockwell uses as the central operating system for their Stratix
5950 security appliance. Sharp eyed readers will recognize that I
reported on these vulnerabilities almost two weeks ago shortly after
Rockwell published their
advisory.
There are system setup workarounds that reduce the risk of a
denial of service attack from one of the improper input validation vulnerabilities
and a Cisco provided Snort Rule for one of the others. There are currently no
mitigation measures for the remaining three vulnerabilities.
The five reported vulnerabilities are:
• Improper input validation (3) - CVE-2018-0228,
CVE-2018-0231, and CVE-2018-0296;
• Improper certificate validation -
CVE-2018-0227; and
• Resource management errors - CVE-2018-0240
ICS-CERT reports that a relatively low-skilled attacker
could remotely exploit the vulnerabilities to bypass client certification to
create connections to the affected device or cause the device to crash.
*Insert standard third-party vulnerability rant*
Posts
No comments:
Post a Comment