Today the CISA NCCIC-ICS published two control system
security advisories for products from Weidmueller and Thales.
Weidmueller Advisory
This advisory describes
5 vulnerabilities in the Weidmueller Industrial Ethernet Switches. The
vulnerabilities are self-reported. Weidmueller has firmware patches that
mitigate the vulnerabilities.
The five reported vulnerabilities are:
• Improper restriction of excessive
authentication attempts - CVE-2019-16670;
• Uncontrolled resource consumption
- CVE-2019-16671;
• Missing encryption of sensitive data
- CVE-2019-16672;
• Unprotected storage of credentials
- CVE-2019-16673; and
• Predictable from observable state
- CVE-2019-16674
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerabilities to allow a remote attacker to gain
unauthorized access to the device, affecting the confidentiality, integrity,
and availability of the device the attacker is targeting.
Thales Advisory
This advisory describes
a link following vulnerability in the Thales SafeNet Sentinel LDK License
Manager Runtime. The vulnerability was reported by Ryan Wincey of Blizzard
Entertainment. Thales has a new version that mitigates the vulnerability. There
is no indication that Wincey has been provided an opportunity to verify the
efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
with local access could exploit the vulnerability to allow a local attacker to
escalate privileges.
NOTE: I briefly
addressed this vulnerability back in October.
Posts
No comments:
Post a Comment