Saturday, July 7, 2018

Public ICS Disclosures – Week of 06-30-18


This week we have four vendor reports of vulnerabilities {Siemens, ABB, and PEPPERL+FUCHS (2)} and exploits for two previously reported vulnerabilities (Cisco and Delta Industrial).

Siemens Advisory


This advisory describes six vulnerabilities in the Siemens SICLOCK TC devices. These vulnerabilities are being self-reported. The products are at end-of-life, so Siemens is just providing workarounds for these vulnerabilities (which probably explains why they have not reported this to ICS-CERT).

Siemens reports that an attacker with network access to the device could exploit the vulnerabilities to cause Denial-of-Service conditions, bypass the authentication, and modify the firmware of the device or the administrative client.

ABB Advisory


This advisory describes a file parser vulnerability in the ABB Panel Builder 800 products. The vulnerability was reported by Michael DePlante of Leahy Center for Digital Investigation and Michael Flanders of Trend Micro. ABB is working on an update for this product, but has provided workarounds to mitigate the vulnerability.

ABB notes that a social engineering attack is required to exploit the product. A successful exploit would allow the attacker to insert and run arbitrary code on a computer where the affected product is used.

NOTE: There was a second advisory reported on the ABB web site for their Sentinel HASP/LDK License Manager, but there was some sort of problem with the link provided.

PEPPERL+FUCHS Advisories


The first advisory addresses the Spectre and Meltdown vulnerabilities in their ecom mobile devices. This is separate from their previously reported Spectre/Meltdown advisory for their HMI products. That other advisory is listed in the most recent ICS-CERT alert update.

The advisory notes that firmware updates will be released for the affected products.

The second advisory describes a remote code execution vulnerability in the PEPPERL+FUCHS HMI products. The vulnerability was reported by Eyal Karni, Yaron Zinar, and Roman Blachman @ Preempt Research Labs. This vulnerability is in a third-party product, Microsoft's Credential Security Support Provider. PEPPERL+FUCHS has provided updates for some of the affected products and recommended using the Microsoft Windows update for the remaining Windows 7- or Windows 10-based systems.

Cisco Exploit


Yassine Aboukir published exploit code on ExploitDB.com for a path traversal vulnerability in the Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software. This vulnerability was most recently reported by ICS-CERT as a third-party vulnerability in the Rockwell Allen-Bradley Stratix 5950.

Delta Industrial Exploit


t4rkd3vilz published exploit code on ExploitDB.com for a stack-based buffer overflow vulnerability in the Delta Industrial Automation COMMGR. This vulnerability was reported by ICS-CERT on June 21st, 2018.
