Friday, December 21, 2018

Three Advisories and One Update Published – 12-20-18


Yesterday the DHS NCCIC-ICS published three control system security advisories for products from Rockwell Automation, Schneider Electric and Horner Automation. The also published an update for a previously published advisory for products from OMRON. The Rockwell advisory was originally posted to the HSIN ICS-CERT library on November 27, 2018.

Rockwell Advisory


This advisory describes an heap-based buffer overflow vulnerability on the Rockwell FactoryTalk Services Platform. The vulnerability was reported by Andrey Zhukov. Rockwell has a new version that mitigates the vulnerability. There is no indication that Zhukov has been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerability to diminish communications or cause a complete denial of service to the device.

Schneider Advisory


This advisory describes an open redirect vulnerability in the Schneider EcoStruxure. The vulnerability was reported by Donato Onofri of Business Integration Partners S.p.A. Schneider has new versions that mitigate the vulnerability. There is no indication that Onofri has been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit this vulnerability  allow an attacker to use this device as a platform to conduct a phishing attack.

Horner Advisory


This advisory describes an improper input validation vulnerability in the Horner Cscape programming software. The vulnerability was reported by rgod and mdm of 9SG Security Team via the Zero Day Initiative. Horner has a new version that mitigates the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit the vulnerability to crash the device being accessed, allow the attacker to read confidential information, and may allow an attacker to remotely execute arbitrary code.

OMRON Update


This update provides new information on an advisory that was originally published on March 13th, 2018. The new information includes:

• Revision of advisory format;
• Added Esteban Ruiz (mr_me) of Source Incite as an additional vulnerability reporting source; and
Added new affected versions.

No comments:

 
/* Use this with templates/template-twocol.html */