Today the CISA NCCIC-ICS published one control system
security advisory for products from Delta Electronics.
Delta Advisory
The advisory
describes two vulnerabilities in the Delta Industrial Automation CNCSoft ScreenEditor.
The vulnerabilities were reported by Natnael Samson (@NattiSamson) and kimiya,
working with the Zero Day Initiative. Delta has a new version that mitigates
the vulnerabilities. There is no indication that the researchers have been
provided an opportunity to verify the efficacy of the fix.
The two reported vulnerabilities are:
• Stack-based buffer overflow - CVE-2020-7002; and
• Out-of-bounds read - CVE-2020-6976
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerabilities to cause buffer
overflow conditions that may allow information disclosure or remote code
execution, or may crash the application. According to the ZDI advisories (here, here and here) the
vulnerabilities are remotely exploitable.
Commentary
The two different ZDI advisories for the buffer overflow
vulnerability show slightly different descriptions of the vulnerability. Both
describe parsing problems in DPB files. The kimiya advisory appears to be
slightly more generic, while the Samson advisory specifies that the problem lies
in parsing the GifName information in DPB files. There is a possibility that
there are two separate vulnerabilities here. This is where it would be helpful
to have the researchers verify the efficacy of the fix. We could have a
situation here where the more specific vulnerability was fixed, but the more generic
problem remains.