Friday, January 11, 2019

Four Advisories and One Update Published – 01-10-19


Yesterday the DHS ICS-CERT published four control system security advisories for products from Tridium, Pilz, Omron and Emerson. They also updated a previously issued advisory for products from Schneider. The Tridium advisory was originally posted to the HSIN ICS-CERT library on November 29, 2018.

Tridium Advisory


This advisory describes a cross-site scripting vulnerability in the Niagara Enterprise Security, Niagara AX, and Niagara 4 products. The vulnerability was reported by Daniel Santos and Elisa Costante of SecurityMatters. Tridium has new versions available that mitigate the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit this vulnerability to allow an authenticated user to inject client-side scripts into some web pages that could then be viewed by other users.

NOTE: The link to the Tridium bulletin is for a .PDF download. Registered users can view the bulletin here.

Pilz Advisory


This advisory describes a clear-text storage of sensitive information vulnerability in the Pilz PNOZmulti Configurator tool. The vulnerability was reported by Gjoko Krstikj of Applied Risk. Pilz has a new version that mitigates the vulnerability. There is no indication that Krstikj was provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit the vulnerability to allow sensitive data to be read from the system.

Omron Advisory


This advisory describes a type confusion vulnerability in the Omron CX-Protocol within CX-One. The vulnerability was reported by Esteban Ruiz (mr_me) of Source Incite via the Zero Day Initiative. Omron has a new version that mitigates the vulnerability. There is no indication that Ruiz has been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit the vulnerability to execute code under the privileges of the application.

Emerson Advisory


This advisory describes an authentication bypass vulnerability in the Emerson DeltaV Distributed Control System Workstations. The vulnerability was reported by Alexander Nochvay of Kaspersky Lab. Emerson has a patch that mitigates the vulnerability. There is no indication that Nochvay has been provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit the vulnerability to shut down a service, resulting in a denial of service.

Schneider Update


This update provides additional information on an advisory that was originally published on February 23rd, 2017. The new information includes:

• New researcher acknowledgements; and
• New products affected.
