Saturday, January 18, 2020

Public ICS Disclosure – Week of 1-11-20


This week we have three vendor disclosures about the Windows CryptoAPI vulnerability from Philips, GE Health and Rockwell Automation. We also have two other new vendor disclosures from Siemens and Schneider and five updates from the same vendors.

CryptoAPI Spoofing Vulnerability


Philips published an advisory for the Windows CryptoAPI vulnerability. They are currently reviewing the Windows® patch. Do not apply the patch until they say so.

GE Healthcare published an advisory for the Windows CryptoAPI vulnerability. They are currently reviewing the Windows® patch. More to follow.

Rockwell published an advisory for the Windows CryptoAPI vulnerability. They have provided an initial listing of affected products, indicating which can apply the Windows patch and which will require the development of firmware updates.

Siemens Advisory


Siemens published an advisory describing generic ActiveX vulnerabilities in a variety of their Industrial Products. The vulnerability is self-reported. Siemens provides generic workarounds to mitigate the vulnerability.

COMMENT: I’m sorry but do not waste your time reading this advisory. This is the most incomplete and least actionable advisory that I have ever seen from Siemens.

Schneider Advisory


Schneider published an advisory describing an uncontrolled search path element vulnerability in their MSX Configurator software. The vulnerability was reported by Yongjun Liu of nsfocus. Schneider has a new version that mitigates the vulnerability. There is no indication that Yongjun has been provided an opportunity to verify the efficacy of the fix.

Siemens Updates


Siemens published an update for their advisory on GNU/Linux subsystem vulnerabilities in the SIMATIC S7-1500 CPU products. The advisory was originally published on November 27th, 2018 and most recently updated on November 12th, 2019. Ten new GNU/Linux CVEs were added to the advisory.

Siemens published an update for their advisory on SIPROTEC 5 Ethernet plug-in communication modules and devices. The advisory was originally published on August 2nd, 2019 and most recently updated on December 10th, 2019. The new information included:

• Revised affected version and mitigation links for SIPROTEC 5 devices; and
• Removed DHCP vulnerabilities since no products were affected.

Siemens published an update for their BlueKeep advisory. The advisory was originally published on May 24th, 2019 and most recently updated on July 9th, 2019. The new information includes the availability of a new version that mitigates the vulnerability.

NOTE: This update is automatically ‘covered’ in the latest version of the NCCIC-ICS BlueKeep advisory because the link remains the same for this Siemens advisory.

Schneider Updates


Schneider published an update for their URGENT/11 advisory. The advisory was originally published on August 2nd, 2019 and most recently updated on December 10th, 2019. The new information includes adding mitigation links for:

• Modicon X80 I/O modules;
• Modicon Momentum Unity;
• Nanodac Recorder / Controller (added to affected products);
• SCADAPack 53xE RTUs; and
• Saitel DR with HU_A CPU

Schneider published an update for their DejaBlue advisory. The advisory was originally published on September 24th, 2019 and most recently updated on November 26th, 2019. The new information includes:

• Updated version information for TelevisGO; and
• Updated remediation information for EcoStruxure Foxboro DCS and EcoStruxure Foxboro SCADA
