This week we have a vendor disclosure for products from Rockwell
and researcher disclosures for products from D-Link and Advantech.
Rockwell Advisory
Rockwell published an advisory for an IP configuration
vulnerability in their Micrologic 1400
controllers and 1756 ControlLogix EtherNet/IP Communications Modules. The
vulnerability was reported to Rockwell by ICS-CERT (and an NCCIC-ICS advisory
should be expected this coming week). Rockwell has firmware updates available
for currently supported products that mitigate the vulnerability.
NOTE: The advisory indicates that this might be a problem
with the ODVA EtherNet/IP standard, so this vulnerability might affect products
from other vendors as well.
D-Link Vulnerabilities
John Page (hyp3rlinx) reports three vulnerabilities in the
D-Link Central WifiManager CWM-100. The reports indicate that D-Link has been
notified of the vulnerabilities but has not communicated successful mitigation
measures to Page. The reports include POC exploits.
The three reported vulnerabilities are:
• Trojan file SYSTEM privilege
escalation - CVE-2018-15515;
• Server-side request
forgery - CVE-2018-15517; and
Advantech Vulnerabilities
Tenable has published an advisory
for three vulnerabilities in the Advantech WebAccess/SCADA 8.3.2. product.
Chris Lane has published
exploit code for two of the vulnerabilities. Tenable reports that Advantech has
published a new version that mitigates the vulnerabilities. There is no
indication that Tenable has verified the efficacy of the fix.
The three reported vulnerabilities are:
• Reflected cross-site scripting - CVE-2018-15707
Posts
No comments:
Post a Comment