Today the DHS NCCIC-ICS published a control system security advisory
for products from Leão Consultoria e Desenvolvimento de Sistemas Ltda (LCDS)
and updated an advisory for products from Schneider Electric.
LCDS Advisory
This advisory describes
eleven vulnerabilities in the LCDS LAquis SCADA. The vulnerabilities were
reported by Esteban Ruiz (mr me) via the Zero Day Initiative. LCDS has a new
version that mitigates the vulnerabilities. There is no indication that Ruiz
has been provided an opportunity to verify the efficacy of the fix.
The eleven reported vulnerabilities are:
• Improper input validation - CVE-2018-18988;
• Out-of-bounds read (2) - CVE-2018-19004 and CVE-2018-18994;
• Code injection - CVE-2018-19002;
• Untrusted pointer dereference - CVE-2018-19029;
• Out-of-bounds write - CVE-2018-18986;
• Relative path traversal - CVE-2018-18990;
• Injection (2) - CVE-2018-18992 and CVE-2018-18996;
• Use of hard-coded credential - CVE-2018-18998; and
• Authentication bypass using alternative path or channel - CVE-2018-19000.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to execute code remotely,
exfiltrate data, or cause a system crash.
Schneider Update
This update provides additional information on an advisory that was
originally published on January 8th, 2019. The new information includes an
additional vulnerability: cryptographic issues.