Today the CISA NCCIC-ICS published three control system
security advisories for products from HMS Industrial Networks, Softing
Industrial, and Secomea. They also published an update for an advisory for
products from Delta Industrial Automation.
HMS Advisory
This advisory describes
a stack-based buffer overflow in the HMS eCatcher VPN client. The vulnerability
was reported by Sharon Brizinov of Claroty. HMS has a new version that
mitigates the vulnerability. There is no indication that Brizinov has been
provided an opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to crash the device being accessed. In
addition, a buffer overflow condition may allow remote code execution with
highest privileges.
NOTE: I briefly
discussed this vulnerability earlier this month.
Softing Advisory
This advisory describes
two vulnerabilities in the Softing OPC. The vulnerabilities were reported by Uri
Katz of Claroty. Softing has a new version that mitigates the vulnerabilities.
There is no indication that Katz has been provided an opportunity to verify the
efficacy of the fix.
The two reported vulnerabilities are:
• Heap-based buffer overflow - CVE-2020-14524, and
• Uncontrolled resource consumption - CVE-2020-14522
NCCIC-ICS reports that a relatively low-skilled attacker could
remotely exploit the vulnerabilities to crash the device being accessed. A
buffer-overflow condition may also allow remote code execution.
Secomea Advisory
This advisory describes
four vulnerabilities in the Secomea GateManager VPN manager. The
vulnerabilities were reported by Sharon Brizinov and Tal Keren of Claroty.
Secomea has a new version that mitigates the vulnerabilities. There is no indication
that the researchers have been provided an opportunity to verify the efficacy
of the fix.
The four reported vulnerabilities are:
• Improper neutralization of null byte or null character - CVE-2020-14500,
• Off-by-one error - CVE-2020-14508,
• Use of hard-coded credentials - CVE-2020-14510, and
• Use of password hash with insufficient computational effort - CVE-2020-14512
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerabilities to gain
remote code execution on the device.
Delta Update
This update
provides additional information on an advisory that was originally
published on June 30th, 2020. The new information includes a
link to a new version that mitigates the vulnerabilities.