Yesterday the DHS NCCIC-ICS published two control system
security advisories and updates to two previously published control system
advisories, all for products from Siemens. They also published a medical device
security advisory for products from Philips.
SINUMERIK Advisory
This advisory
describes ten vulnerabilities in the Siemens SINUMERIK Controllers. The
vulnerabilities were reported by Anton Kalinin, Danila Parnishchev, Dmitry
Sklyar, Gleb Gritsai, Kirill Nesterov, Radu Motspan, and Sergey Sidorov from
Kaspersky Lab. Siemens has updates for several of the products and provides
workarounds for the others. There is no indication that the researchers have
been provided an opportunity to verify the efficacy of the fix.
The ten reported vulnerabilities are:
• Heap-based buffer overflow - CVE-2018-11457;
• Integer overflow or wraparound - CVE-2018-11458;
• Protection mechanism failure (2) - CVE-2018-11459 and CVE-2018-11460;
• Permission, privileges and access control (2) - CVE-2018-11461 and CVE-2018-11462;
• Stack-based buffer overflow - CVE-2018-11463; and
• Uncaught exception (3) - CVE-2018-11464, CVE-2018-11465 and CVE-2018-11466
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to cause denial-of-service
conditions, privilege escalation, or allow remote code execution.
SINAMICS Advisory
This advisory
describes an improper access control vulnerability in the Siemens SINAMICS
PERFECT HARMONY GH180 (based upon a 3rd party vulnerability in McAfee
Application and Change Control). The vulnerability was reported by McAfee.
Siemens recommends installing a McAfee update to mitigate the vulnerability.
NCCIC-ICS reports that a relatively low-skilled attacker
with physical access could exploit the vulnerability to compromise the HMI, and
by extension, the drive system.
PROFINET Update
This update
provides additional information on an advisory that was originally
published on May 9th, 2017 and updated on June 15, 2017, on July 25th, 2017,
on August 17th, 2017, on October 10th, on November 14th, November 28th, 2017,
January 18th, 2018, January 25th, 2018, January 27th, 2018, March 6th, 2018,
May 3rd, 2018 and most recently on November 13th, 2018. The update provides
new affected version information and mitigation measures for:
• SIMATIC ET 200MP IM155-5 PN HF; and
• SIRIUS ACT 3SU1 interface module PROFINET
Industrial Products Update
This update
provides additional information on an advisory that was originally
published on May 9th, 2017 and updated on June 15, 2017, on July 25th, 2017,
on August 17th, 2017, on October 10th, on November 14th, November 28th,
February 27th, 2018, May 3rd, 2018, May 15th, 2018, September 11th, 2018,
October 9th, 2018 and most recently on November 13th, 2018. This update
provides new mitigation information for SIMATIC ET 200MP IM155-5 PN HF.
Philips Update
This update
provides new information on an advisory that was originally
published on March 27th, 2018. This update slips the new version
expected date from ‘December 2018’ to ‘Q1 of 2019’.
Other Siemens Updates
Yesterday Siemens
published a total of three new advisories and seven updates. We may see
more from NCCIC-ICS later this week, but some will not be specifically
addressed by NCCIC-ICS. I will have further information on the remainder on Saturday.