Saturday, November 3, 2018

Public ICS Disclosure – Week of 10-27-18


This week we have two vendor disclosures from ABB and two exploits for products from Modbus Tools.

CMS-770 Advisory


ABB published an advisory for a configuration file vulnerability in the CMS-770 control unit. The vulnerability was reported by Maxim Rupp. ABB has updated the manual for this product to outline additional security measures that mitigate the vulnerability. There is no indication that Maxim has been provided an opportunity to verify the efficacy of the fix.

ABB reports that successful exploitation of this vulnerability could cause the product to reveal the credentials allowing to take over the entire control of the product.

M2M Ethernet Network Analyzer Advisory


ABB published an advisory for a language file vulnerability in the M2M Ethernet Network Analyzer. The vulnerability was reported by Maxim Rupp. ABB has updated the manual for this product to outline additional security measures that mitigate the vulnerability. There is no indication that Maxim has been provided an opportunity to verify the efficacy of the fix.

ABB reports that successful exploitation of this vulnerability could allow an attacker to upload a language file to the product without being requested to authenticate himself.

Modbus Tools Exploits


Kağan Çapar published an exploit for a buffer overflow vulnerability in the Modbus Tools Modbus Slave programming tool. No CVE number is provided so this may be a 0-day vulnerability.

Ihsan Sencan published an exploit for a denial of service vulnerability in the Modbus Tools Modbus Slave programming tool. A new (no details available) CVE number was provided so there is a possibility that the vendor has been contacted about this vulnerability.

No comments:

 
/* Use this with templates/template-twocol.html */