Today the CISA NCCIC-ICS published two control system
security blogs for products from Siemens and GE.
Siemens Advisory
This advisory
describes 54 vulnerabilities in the Siemens SPPA-T3000 servers. The
vulnerabilities were reported by Gleb Gritsai, Eugenie Potseluevskaya, Sergey
Andreev, and Radu Motspan from Kaspersky Lab; Vyacheslav Moskvin, and Ivan B
from Positive Technologies; and Can Demirel from Biznet Bilisim Sistemleri ve
Danışmanlık. Siemens has an update that mitigates three of the vulnerabilities
on one of the affected products. There is no indication that any of the
researchers have been provided an opportunity to verify the efficacy of the
fix.
Sorry, I am not going to list the 54 vulnerabilities.
NCCIC-ICS reports that a relatively low-skilled attacker could
remotely exploit these vulnerabilities to allow an attacker to execute
arbitrary code on the server, cause a denial-of-service condition, view and
modify passwords, gain root privileges, access sensitive information, and read
and write arbitrary files on the local system.
NOTE: This is the new vulnerability of the Siemens monthly drop
from last week. I briefly
discussed these vulnerabilities last Saturday.
GE Advisory
This advisory
describes a cross-site scripting vulnerability in the GE S2020/S2020G Fast
Switch 61850, a managed Ethernet switch. The vulnerability was reported by Murat
Aydemir of Biznet Bilisim A.S.. GE has a new version that mitigates the vulnerability.
There is no indication that Aydemir has been provided an opportunity to verify
the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to allow an attacker to inject
arbitrary code and allow disclosure of sensitive data.
Posts
No comments:
Post a Comment