Today the CISA NCCIC-ICS published two control system
security advisories for products from Rockwell Automation and Phoenix Contact.
They also updated an advisory for products from Rockwell.
Rockwell Advisory
This advisory
describes an improper restriction of XML external entity reference
vulnerability in the Rockwell Logix Designer Studio 5000. The vulnerability was
reported by the Incite Team during PWN2OWN competition during the S4x20
Security Conference. Rockwell provides generic mitigation measures.
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerability to allow an
unauthenticated attacker to craft a malicious file, which when parsed, could
lead to some information disclosure of hostnames or other resources from the
program.
NOTE: NCCIC-ICS does not provide the link to the Rockwell
advisory.
Phoenix Contact Advisory
This advisory
describes two vulnerabilities in the Phoenix Contact Automation Worx Software
Suite. The vulnerabilities were reported by Natnael Samson and mdm via the Zero
Day Initiative. Phoenix Contact provides generic mitigation measures pending
development of a new version.
The two reported vulnerabilities were:
• Stack-based buffer overflow - CVE-2020-12497,
and
• Out-of-bounds read - CVE-2020-12498
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerability to allow an
attacker to execute arbitrary code under the privileges of the application.
NOTE #1 – NCCIC-ICS does not provide the link to the Phoenix
Contact advisory.
NOTE #2 – I briefly
described these vulnerabilities last Saturday.
Rockwell Update
This update
provides additional information on an advisory that was originally
published on June 11th, 2020. The new information includes the
removal of RSLinx Classic from the list of affected products.
Posts
No comments:
Post a Comment