Yesterday the DHS ICS-CERT published four control system
security advisories for products from Tridium, Pilz, Omron and Emerson. They
also updated a previously issued advisory for products from Schneider. The
Tridium advisory was originally posted to the HSIN ICS-CERT library on November
29, 2018.
Tridium Advisory
This advisory
describes a cross-site scripting vulnerability in the Niagara Enterprise
Security, Niagara AX, and Niagara 4 products. The vulnerability was reported by
Daniel Santos and Elisa Costante of SecurityMatters. Tridium has new versions
available that mitigate the vulnerability. There is no indication that the
researchers have been provided an opportunity to verify the efficacy of the
fix.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit this vulnerability to allow an authenticated user to
inject client-side scripts into some web pages that could then be viewed by
other users.
NOTE: The link to the Tridium bulletin is for a .PDF
download. Registered users can view the bulletin here.
Pilz Advisory
This advisory
describes a clear-text storage of sensitive information vulnerability in the
Pilz PNOZmulti Configurator tool. The vulnerability was reported by Gjoko
Krstikj of Applied Risk. Pilz has a new version that mitigates the
vulnerability. There is no indication that Krstikj was provided an opportunity
to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerability to read sensitive
data from the system.
Omron Advisory
This advisory
describes a type confusion vulnerability in the Omron CX-Protocol within CX-One.
The vulnerability was reported by Esteban Ruiz (mr_me) of Source Incite via the
Zero Day Initiative. Omron has a new version that mitigates the vulnerability.
There is no indication that Ruiz has been provided an opportunity to verify the
efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerability to execute code
under the privileges of the application.
Emerson Advisory
This advisory
describes an authentication bypass vulnerability in the Emerson DeltaV
Distributed Control System Workstations. The vulnerability was reported by Alexander
Nochvay of Kaspersky Lab. Emerson has a patch that mitigates the vulnerability.
There is no indication that Nochvay has been provided an opportunity to verify
the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker with
uncharacterized access could exploit the vulnerability to shut down a
service, resulting in a denial of service.
Schneider Update
This update
provides additional information on an advisory that was originally
published on February 23rd, 2017. The new information includes:
• New researcher acknowledgements; and
• New products affected.