Today the CISA NCCIC-ICS published four control system
security advisories for products from Delta Industrial, Geutebruck, Advantech
and a variety of trailer and brake manufacturers.
Delta Advisory
This advisory
describes five vulnerabilities in the Delta Industrial TPEditor. The
vulnerabilities were reported by Kdot, kimiya of 9SG Security Team, Justin Taft
and Chris Anastasio via the Zero Day Initiative. Delta Industrial has a new
version that mitigates the vulnerabilities. There is no indication that the researchers
have been provided an opportunity to verify the efficacy of the fix.
The five reported vulnerabilities are:
• Out-of-bounds read - CVE-2020-16219,
• Stack-based buffer overflow - CVE-2020-16221,
• Heap-based buffer overflow - CVE-2020-16223,
• Write-what-where condition - CVE-2020-16225, and
• Improper input validation - CVE-2020-16227
NCCIC-ICS reports that a relatively low-skilled attacker
with uncharacterized access could exploit the vulnerabilities to read/modify information,
execute arbitrary code, and/or crash the application.
Geutebrück Advisory
This advisory
describes an OS command injection vulnerability in the Geutebruck G-Cam and
G-Code cameras. The vulnerability was reported by Davy Douhine of RandoriSec.
Geutebruck has a new firmware version that mitigates the vulnerability. There
is no indication that Douhine has been provided an opportunity to verify the efficacy
of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker using
publicly available code could remotely exploit the vulnerability to allow
remote code execution as root.
Advantech Advisory
This advisory
describes six vulnerabilities in the Advantech WebAccess HMI Designer. The
vulnerabilities were reported by kimiya and Natnael Samson via ZDI. Advantech has
a new version that mitigates the vulnerabilities. There is no indication that the
researchers have been provided an opportunity to verify the efficacy of the
fix.
The six reported vulnerabilities are:
• Heap-based buffer overflow - CVE-2020-16207,
• Out-of-bounds read - CVE-2020-16211,
• Out-of-bounds write - CVE-2020-16213,
• Access of resource using incompatible type - CVE-2020-16229,
• Stack-based buffer overflow - CVE-2020-16215, and
• Double free - CVE-2020-16217
NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit these vulnerabilities to
read/modify information, execute arbitrary code, and/or crash the application.
Trailer Advisory
This advisory
describes an exposure of sensitive information by sent data vulnerability in Power
Line Communications Bus / PLC4TRUCKS / J2497 (see here for system
description) from multiple trailer and brake manufacturers. The vulnerability was
reported by Ben Gardiner of NMFTA, and Dan Salloum, Chris Poore, and Eric
Thayer of Assured Information Security.
NOTE: This is not a standard NCCIC-ICS advisory. It
identifies an RF communications security vulnerability in the Power Line
Communications (PLC; I know this acronym is going to cause all sorts of issues
for security researchers) on 18-wheeler trailers. It apparently affects all
trailer manufacturers using PLC. A link to the actual research report by the National
Motor Freight Traffic Association (NMFTA) and Assured Information Security
(AIS) would have been helpful.
Ben Gardiner will be talking about
this vulnerability at Defcon28 Car Hacking Village tomorrow.