Today the DHS NCCIC-ICS published three control system
security advisories for products from Geutebruck and Phoenix Contact (2).
Geutebruck Advisory
This advisory
describes three vulnerabilities in the Geutebruck Encoder and E2 Series Cameras.
The vulnerabilities were reported by Romain Luyer and Guillaume Gronnier from
CEIS, and Davy Douhine from RandoriSec. Geutebruck reports that the latest version
of the firmware mitigates the vulnerabilities. There is no indication that the
researchers have been provided an opportunity to verify the efficacy of the
fix.
The three reported vulnerabilities are:
• Cross-site scripting - CVE-2019-10957; and
• OS command injection (2) - CVE-2019-10956 and CVE-2019-10958
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to allow remote code execution as
root and remote code execution in the browser of the IP camera operator.
FL NAT Advisory
This advisory
describes an improper access control vulnerability in the Phoenix Contact FL
NAT SMx industrial Ethernet switches. The vulnerability was reported by Maxim
Rupp via CERT VDE. Phoenix Contact has provided generic mitigation measures for
the vulnerability.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit this vulnerability to allow unauthorized users full
access to the device configuration.
PLCNext Advisory
This advisory
describes four vulnerabilities in the Phoenix Contact PLCNext AXC F 2152
products. The vulnerabilities were reported by Zahra Khani of Firmalyzer and
the OPC Foundation. Phoenix Contact reports that later versions of the firmware
mitigate the vulnerabilities. There is no indication that the researchers have
been provided an opportunity to verify the efficacy of the fix.
The four reported vulnerabilities are:
• Key management errors - CVE-2018-7559;
• Improper access control - CVE-2019-10998;
• Man-in-the-middle - CVE-2019-10997; and
• Using components with known vulnerabilities
NOTE: The CERT VDE advisory
lists 43 separate Linux vulnerability CVEs for the fourth vulnerability.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to decrypt
passwords, bypass authentication, and deny service to the device. In addition,
these vulnerabilities could interact with third-party vulnerabilities to cause
other impacts to integrity, confidentiality, and availability.