Thursday, August 6, 2020

4 Advisories Published – 8-6-20

Today the CISA NCCIC-ICS published four control system security advisories for products from Delta Industrial, Geutebruck, Advantech and a variety of trailer and brake manufacturers.

 

Delta Advisory

 

This advisory describes five vulnerabilities in the Delta Industrial TPEditor. The vulnerabilities were reported by Kdot, kimiya of 9SG Security Team, Justin Taft and Chris Anastasio via the Zero Day Initiative. Delta Industrial has a new version that mitigates the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

 

The five reported vulnerabilities are:

 

• Out-of-bounds read - CVE-2020-16219,

• Stack-based buffer overflow - CVE-2020-16221,

• Heap-based buffer overflow - CVE-2020-16223,

• Write-what-where condition - CVE-2020-16225, and

• Improper input validation - CVE-2020-16227

 

NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit the vulnerabilities to read/modify information, execute arbitrary code, and/or crash the application.

 

Geutebrück Advisory

 

This advisory describes an OS command injection vulnerability in the Geutebruck G-Cam and G-Code cameras. The vulnerability was reported by Davy Douhine of RandoriSec. Geutebruck has a new firmware version that mitigates the vulnerability. There is no indication that Douhine has been provided an opportunity to verify the efficacy of the fix.

 

NCCIC-ICS reports that a relatively low-skilled attacker using publicly available code could remotely exploit the vulnerability to execute code as root.

 

Advantech Advisory

 

This advisory describes six vulnerabilities in the Advantech WebAccess HMI Designer. The vulnerabilities were reported by kimiya and Natnael Samson via ZDI. Advantech has a new version that mitigates the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

 

The six reported vulnerabilities are:

 

• Heap-based buffer overflow - CVE-2020-16207,

• Out-of-bounds read - CVE-2020-16211,

• Out-of-bounds write - CVE-2020-16213,

• Access of resource using incompatible type - CVE-2020-16229,

• Stack-based buffer overflow - CVE-2020-16215, and

• Double free - CVE-2020-16217

 

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to read/modify information, execute arbitrary code, and/or crash the application.

 

Trailer Advisory

 

This advisory describes an exposure of sensitive information by sent data vulnerability in Power Line Communications Bus / PLC4TRUCKS / J2497 (see here for system description) from multiple trailer and brake manufacturers. The vulnerability was reported by Ben Gardiner of NMFTA, and Dan Salloum, Chris Poore, and Eric Thayer of Assured Information Security.

 

NOTE: This is not a standard NCCIC-ICS advisory. It identifies an RF communications security vulnerability in the Power Line Communications (PLC; I know this acronym is going to cause all sorts of issues for security researchers) on 18-wheeler trailers. It apparently affects all trailer manufacturers using PLCs. A link to the actual research report by the National Motor Freight Traffic Association (NMFTA) and Assured Information Security (AIS) would have been helpful.

 

Ben Gardiner will be talking about this vulnerability at Defcon28 Car Hacking Village tomorrow.

