Today the CISA NCCIC-ICS published two control system security
advisories for products from Moxa and Reliable Controls.
Moxa Advisory
This advisory describes
14 vulnerabilities in the Moxa AWK-3121 wireless access point. The vulnerabilities
were reported
by Samuel Huntley. This product has reached end-of-life and is no longer
supported.
The 14 reported vulnerabilities are:
• Cleartext transmission of sensitive information (3) - CVE-2018-10690, CVE-2018-10694 and CVE-2018-10698;
•
• Sensitive cookie without ‘HTTPONLY’ flag - CVE-2018-10692;
• Improper restriction of operations within the bounds of a memory buffer (4) - CVE-2018-10693, CVE-2018-10695, CVE-2018-10701 and CVE-2018-10703;
• Cross-site request forgery - CVE-2018-10696;
• Command injection (3) - CVE-2018-10697, CVE-2018-10699 and CVE-2018-10702; and
• Cross-site scripting - CVE-2018-10700.
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit
these vulnerabilities, for which exploits are publicly available, to view
sensitive information, cause availability issues, and execute remote code.
Reliable Controls Advisory
This advisory describes
an unquoted search path or element vulnerability in the Reliable Controls
License Manager. The vulnerability was reported by Gjoko
Krstic of Applied Risk. Reliable Controls has a new version that mitigates the
vulnerability. There is no indication that Krstic has been provided an
opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker with
uncharacterized access could exploit the vulnerability to crash the system,
view sensitive data, or execute arbitrary commands.
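For readers who want to check their own Windows hosts for the vulnerability class cited in the Reliable Controls advisory (an unquoted service path containing spaces, CWE-428), the following is an added example written for this post; it is not code from the advisory, from Applied Risk or from Reliable Controls. The service names and image paths in the sample are constructed for illustration, and the install path shown for the License Manager is an assumption, not the product's real location. The check reproduces the Windows CreateProcess lookup order, which is what makes the bug exploitable: an unquoted path such as C:\Program Files\Vendor Name\svc.exe is tried as C:\Program.exe, then C:\Program Files\Vendor.exe, and only then as the real binary, so an attacker who can write to any of those parent directories gets their file run with the service's privileges.

```python
"""Find Windows services whose ImagePath is unquoted and contains spaces.

Illustrative example (not Reliable Controls, Applied Risk or NCCIC-ICS code).
The sample service table below is constructed; the product install path it
uses is an assumption.
"""
import os
import re
from typing import Dict, List


def unquoted_path_candidates(image_path: str) -> List[str]:
    """Return the decoy executables Windows would try before the real one.

    An empty list means the path is not affected: it is quoted, has no
    spaces before the executable name, or has no recognisable .exe token.
    The result lists each prefix ending at a space, with ".exe" appended,
    in the order CreateProcess would try them (shortest first).
    """
    path = image_path.strip()
    if not path or path.startswith('"'):
        return []
    # Separate the executable from its arguments at the first ".exe" token.
    m = re.match(r'(?i)^(.*?\.exe)(\s.*)?$', path)
    if not m:
        return []
    exe = m.group(1)
    parts = exe.split(' ')
    # Every prefix that stops at a space is a candidate the loader tries
    # before the intended binary; the intended binary itself is not listed.
    return [' '.join(parts[:i]) + '.exe' for i in range(1, len(parts))]


def writable_drop_points(candidates: List[str]) -> List[str]:
    """Of the decoy locations, return those whose directory the current
    user can write to. On a host where the directories do not exist this
    returns [], so the result is only meaningful on the target system."""
    return [c for c in candidates if os.access(os.path.dirname(c), os.W_OK)]


def scan_image_paths(services: Dict[str, str]) -> Dict[str, List[str]]:
    """Apply the check to a {service_name: ImagePath} mapping and keep
    only the affected services with their decoy paths."""
    findings = {}
    for name, image_path in services.items():
        cands = unquoted_path_candidates(os.path.expandvars(image_path))
        if cands:
            findings[name] = cands
    return findings


def scan_windows_services() -> Dict[str, List[str]]:
    """Read every service's ImagePath from the live registry and run the
    check. Returns {} on non-Windows hosts, where winreg is unavailable."""
    try:
        import winreg
    except ImportError:
        return {}
    services: Dict[str, str] = {}
    base = r"SYSTEM\CurrentControlSet\Services"
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, base) as root:
        index = 0
        while True:
            try:
                name = winreg.EnumKey(root, index)
            except OSError:  # no more subkeys
                break
            index += 1
            try:
                with winreg.OpenKey(root, name) as svc:
                    value, _ = winreg.QueryValueEx(svc, "ImagePath")
            except OSError:  # service without an ImagePath value
                continue
            if isinstance(value, str):
                services[name] = value
    return scan_image_paths(services)


# Constructed sample table (not real registry data); the License Manager
# path is an assumed install location used only to illustrate the pattern.
SAMPLE_SERVICES = {
    "RCLicenseManager": r"C:\Program Files\Reliable Controls\License Manager\rclm.exe",
    "Dhcp": r"%SystemRoot%\system32\svchost.exe -k LocalServiceNetworkFirewall",
    "AcmeAgent": r'C:\Acme Tools\agent.exe --config "C:\Acme Tools\agent.cfg"',
    "QuotedSvc": r'"C:\Program Files\Quoted Vendor\svc.exe" -service',
}

if __name__ == "__main__":
    report = scan_windows_services() or scan_image_paths(SAMPLE_SERVICES)
    for svc, cands in report.items():
        print(f"{svc}: unquoted path with spaces")
        for c in cands:
            flag = "WRITABLE" if c in writable_drop_points(cands) else "-"
            print(f"    {flag:8} {c}")
```

Run on a Windows host the script scans the live service list; elsewhere it falls back to the constructed sample. A finding is only exploitable when one of the listed parent directories is writable by a lower-privileged user and the service runs as a higher-privileged account, which is why the decoy paths are reported alongside the writability check rather than the bare ImagePath.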
NOTE: Both of these product vulnerabilities were publicly reported
back in June by the listed researchers. It appears that in at least one of the
cases (probably both) the vendor did not reply or adequately address the
researcher's concerns even after there was public disclosure. The researchers
then apparently turned to NCCIC-ICS for assistance.