Today the DHS NCCIC-ICS published two control system
security advisories for products from Horner Automation and AVEVA.
Horner Advisory
This advisory
describes two vulnerabilities in the Horner Cscape control system application
programming software. The vulnerabilities were reported by Francis Provencher
of Protek Research Lab via the Zero Day Initiative. Horner has a new version
that mitigates the vulnerabilities. There is no indication that Provencher has
been provided an opportunity to verify the efficacy of the fix.
The two reported vulnerabilities are:
• Improper input validation - CVE-2019-13541; and
• Out-of-bounds write - CVE-2019-13545
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerabilities to crash the
device being accessed, which may allow the attacker to access information and
execute arbitrary code.
AVEVA Advisory
This advisory
describes a stack-based overflow vulnerability in AVEVA Vijeo Citect and
Citect SCADA. The vulnerability is in the IEC870IP driver. The vulnerability
was reported by VAPT Team, C3i Center. AVEVA has a new version of the driver
that mitigates the vulnerability. There is no indication that the researchers
have been provided an opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker could
remotely exploit this vulnerability to cause a server-side crash.