Tuesday, January 15, 2019

One Advisory and One Update Published – 01-15-19

Today the DHS NCCIC-ICS published a control system security advisory for products from Leão Consultoria e Desenvolvimento de Sistemas Ltda (LCDS) and updated an advisory for products from Schneider Electric.

LCDS Advisory

This advisory describes eleven vulnerabilities in the LCDS LAquis SCADA. The vulnerabilities were reported by Esteban Ruiz (mr me) via the Zero Day Initiative. LCDS has a new version that mitigates the vulnerabilities. There is no indication that Ruiz has been provided an opportunity to verify the efficacy of the fix.

The eleven reported vulnerabilities are:

• Improper input validation - CVE-2018-18988;
• Out-of-bounds read (2) - CVE-2018-19004 and CVE-2018-18994;
• Code injection - CVE-2018-19002;
• Untrusted pointer dereference - CVE-2018-19029;
• Out-of-bounds write - CVE-2018-18986;
• Relative path traversal - CVE-2018-18990;
• Injection (2) - CVE-2018-18992 and CVE-2018-18996;
• Use of hard-coded credential - CVE-2018-18998; and
• Authentication bypass using alternative path or channel - CVE-2018-19000.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to achieve remote code execution, exfiltrate data, or cause a system crash.

Schneider Update

This update provides additional information on an advisory that was originally published on January 8th, 2019. The new information adds one vulnerability: cryptographic issues.

