Today the CISA NCCIC-ICS published one control system security
alert for robot motion servers and a control system security advisory for
products from Delta Electronics. They also updated an advisory for products
from Treck.
Robot Motion Servers Alert
This alert
provides initial information on reported security issues in robot motion
servers. The alert is based on publicly available information from Federico
Maggi and Marco Balduzzi of Trend Micro, Marcello Pogliani and Stefano Zanero
of POLIMI, and Davide Quarta of POLIMI and EURECOM. The researchers
reportedly discovered an insufficient verification of data authenticity
vulnerability that could allow remote code execution from an adjacent network.
NCCIC-ICS provides possible mitigation measures suggested by
Trend Micro and the ROS-I Consortium.
Delta Industrial Advisory
This advisory
describes three vulnerabilities in the Delta Industrial Automation CNCSoft
ScreenEditor. The vulnerabilities were reported by Anonymous and kimiya via the
Zero Day Initiative. Delta has a newer version that mitigates the vulnerabilities.
There is no indication that the researchers have been provided an opportunity
to verify the efficacy of the fix.
The three reported vulnerabilities are:
• Stack-based buffer overflow - CVE-2020-16199,
• Out-of-bounds read - CVE-2020-16201, and
• Access of uninitialized pointer - CVE-2020-16203
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit these vulnerabilities to read or modify
information, execute arbitrary code, or crash the application.
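The three weakness classes listed above are the ones that typically turn up when an editor parses a project or screen file it trusts. As an added illustration (this is not Delta's code, and the advisory does not describe the CNCSoft file format, so the "SCRN" layout, the field names and the sample bytes below are all constructed for this example), here is a small screen-file parser written twice: parse_unsafe() exhibits a stack-based buffer overflow, an out-of-bounds read and an uninitialized pointer access, and parse_hardened() rejects the same inputs with a specific error instead of corrupting memory.

```c
/* Added example, not Delta's code: a constructed "screen" file format parsed
 * two ways. parse_unsafe() carries the three weakness classes named in the
 * advisory; parse_hardened() rejects the same inputs with a specific error. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_WIDGETS 8

typedef struct {
    char     name[16];
    uint16_t widgets[MAX_WIDGETS];   /* widget positions */
    uint16_t selected;               /* position of the widget marked selected */
    uint8_t  bg_color;               /* first palette entry */
} screen_t;

enum { OK = 0, ERR_TRUNC, ERR_NAME, ERR_COUNT, ERR_INDEX, ERR_PALETTE };

/* Hypothetical layout (constructed for this example):
 *   "SCRN" | name_len:u8 | name[name_len] | count:u8 | pos[count]:u16le
 *   | sel_idx:u8 | has_palette:u8 | palette[4] (present only if has_palette) */

/* Trusts every length and index in the file; only safe on well-formed input. */
int parse_unsafe(const uint8_t *p, size_t n, screen_t *out)
{
    const uint8_t *palette;                 /* CWE-824: assigned on one path only */
    (void)n;                                /* the buffer length is never consulted */
    if (memcmp(p, "SCRN", 4) != 0) return ERR_TRUNC;
    p += 4;
    uint8_t name_len = *p++;
    memcpy(out->name, p, name_len);         /* CWE-121: up to 255 bytes into 16 */
    out->name[name_len] = '\0';
    p += name_len;
    uint8_t count = *p++;
    if (count > MAX_WIDGETS) return ERR_COUNT;
    for (uint8_t i = 0; i < count; i++, p += 2)
        out->widgets[i] = (uint16_t)(p[0] | (p[1] << 8));
    uint8_t sel = *p++;
    out->selected = out->widgets[sel];      /* CWE-125: sel never compared to count */
    if (*p++) palette = p;
    out->bg_color = palette[0];             /* CWE-824: read through a pointer that was
                                               never set when has_palette is 0 */
    return OK;
}

/* Checks the remaining length before every read, bounds every copy and
 * index, and initialises the optional pointer so a missing section is an error. */
int parse_hardened(const uint8_t *p, size_t n, screen_t *out)
{
    const uint8_t *end = p + n;
    const uint8_t *palette = NULL;
    memset(out, 0, sizeof *out);
    if (end - p < 5 || memcmp(p, "SCRN", 4) != 0) return ERR_TRUNC;
    p += 4;
    uint8_t name_len = *p++;
    if (name_len >= sizeof out->name) return ERR_NAME;           /* keep room for the NUL */
    if ((size_t)(end - p) < name_len + 1u) return ERR_TRUNC;     /* name + count byte */
    memcpy(out->name, p, name_len);
    out->name[name_len] = '\0';
    p += name_len;
    uint8_t count = *p++;
    if (count > MAX_WIDGETS) return ERR_COUNT;
    if ((size_t)(end - p) < count * 2u + 2u) return ERR_TRUNC;   /* positions + sel + flag */
    for (uint8_t i = 0; i < count; i++, p += 2)
        out->widgets[i] = (uint16_t)(p[0] | (p[1] << 8));
    uint8_t sel = *p++;
    if (sel >= count) return ERR_INDEX;
    out->selected = out->widgets[sel];
    if (*p++) {
        if (end - p < 4) return ERR_TRUNC;
        palette = p;
    }
    if (palette == NULL) return ERR_PALETTE;
    out->bg_color = palette[0];
    return OK;
}

/* Constructed sample files. GOOD: name "main", widgets at 0x0010 and 0x0020,
 * selected index 1, palette present. Each of the others trips one check. */
static const uint8_t GOOD[]       = { 'S','C','R','N', 4,'m','a','i','n', 2, 0x10,0x00, 0x20,0x00, 1, 1, 0xAA,0xBB,0xCC,0xDD };
static const uint8_t LONG_NAME[]  = { 'S','C','R','N', 200, 'x' };
static const uint8_t BAD_INDEX[]  = { 'S','C','R','N', 4,'m','a','i','n', 2, 0x10,0x00, 0x20,0x00, 7, 1, 0xAA,0xBB,0xCC,0xDD };
static const uint8_t NO_PALETTE[] = { 'S','C','R','N', 4,'m','a','i','n', 2, 0x10,0x00, 0x20,0x00, 1, 0 };
static const uint8_t TRUNC[]      = { 'S','C','R' };

/* Wrappers returning the parser's verdict (and one parsed field) as plain values. */
int hardened_code(const uint8_t *p, size_t n) { screen_t s; return parse_hardened(p, n, &s); }
uint16_t good_selected(void) { screen_t s; return parse_hardened(GOOD, sizeof GOOD, &s) == OK ? s.selected : 0; }

int main(void)
{
    screen_t s;
    printf("unsafe   GOOD=%d name=%s selected=0x%04x\n", parse_unsafe(GOOD, sizeof GOOD, &s), s.name, s.selected);
    printf("hardened GOOD=%d LONG_NAME=%d BAD_INDEX=%d NO_PALETTE=%d TRUNC=%d\n",
           hardened_code(GOOD, sizeof GOOD), hardened_code(LONG_NAME, sizeof LONG_NAME),
           hardened_code(BAD_INDEX, sizeof BAD_INDEX), hardened_code(NO_PALETTE, sizeof NO_PALETTE),
           hardened_code(TRUNC, sizeof TRUNC));
    return 0;
}
```

The unsafe parser is deliberately only ever run on the well-formed sample; feeding it LONG_NAME or BAD_INDEX is undefined behaviour, which is exactly the "crash the application or execute arbitrary code" outcome the advisory describes. The hardened version reports which check failed, which is also what a fuzzing harness wants to see.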
Treck Update
This update
provides additional information on the Ripple20
advisory that was originally
published on June 16th, 2020 and most
recently updated on July 21st, 2020. The new information
includes:
• A notice that the affected Treck TCP/IP stack may also be known as Kasago TCP/IP, ELMIC, Net+ OS, Quadnet, GHNET v2, Kwiknet, or AMX, and
• A link to the BD advisory that I mentioned last Saturday.
NOTE: NCCIC-ICS still has not provided a link to the Siemens
Ripple20 advisory that I
discussed on July 18th.