Saturday, August 1, 2020

Public ICS Disclosure – Week of 7-25-20

This week we have three new Ripple20 [corrected link, 10-18-20, 0844 EDT] advisories for products from ABB, BD, and HMS; and three updates for products from ABB, Schneider and Eaton. There were two BootHole advisories published for products from Medtronic and BD. There were three additional vendor disclosures this week for products from SICK, Rockwell and Yokogawa.

 

Ripple20

 

ABB published a Ripple20 advisory for their distribution automation products. The advisory provides a list of affected products and the announcement that ABB intends to produce new firmware to mitigate the vulnerabilities.

 

BD published a Ripple20 advisory for their BD Kiestra and Rowa products. The advisory provides generic mitigation measures.

 

HMS published a Ripple20 advisory for their HMS LABSline SG and Anybus SG-gateways. Since the affected products are end-of-life, HMS recommends upgrading to newer products.

 

ABB updated a previously issued Ripple20 advisory that was originally published on July 11th, 2020. The new information includes a revised affected product list and provides links to the advisory described above.

 

Schneider updated a previously issued Ripple20 advisory that was originally published on June 23, 2020 and most recently updated on July 14th, 2020. The new information includes:

 

• Adding XUPH001 OsSense communication module, XGCS850C201 OsiSense RFID compact smart antenna, Wiser Energy IP module, and Gateway Connector by Elko to the list of affected products, and

• Removing PowerLogic EGX100, ECI850 Sepam IEC 61850 Server, and PowerLogic G3200 Modbus to IEC 61850 Gateway from the list of affected products.

 

Eaton updated their Ripple20 advisory that was originally published on June 23rd, 2020 and most recently updated on July 15th, 2020. The new information includes an updated affected product list and an updated mitigation for ePDU products.

 

BootHole

 

Medtronic published a BootHole Advisory providing a generic announcement that they were looking at the potential vulnerability in their products.

 

BD published a BootHole Advisory providing a generic announcement that they were looking at the potential vulnerability in their products.

 

NOTE: The medical device vendors are getting fairly proactive about looking at named OS vulnerabilities and announcing their concern/interest. I suspect that this is because of the regulated nature of the market and an interest in obviating any additional cybersecurity-related regulatory actions.

 

SICK Advisory

 

SICK published an advisory describing two vulnerabilities in their Package Analytics products. The vulnerabilities were reported by an unacknowledged third-party. SICK has a new version that mitigates the vulnerabilities.

 

The two reported vulnerabilities are:

 

• Authentication bypass using an alternate path or channel - CVE-2020-2076, and

• Incorrect default permissions - CVE-2020-2077

 

Rockwell Advisory

 

Rockwell published an advisory describing an improper implementation of a hashing algorithm for user passwords in their FactoryTalk Services Platform. The vulnerability is being self-reported. Rockwell has a patch to mitigate the vulnerability.

 

Yokogawa Advisory

 

Yokogawa published an advisory describing two vulnerabilities in their CAMS for HIS of CENTUM products. The vulnerabilities were reported by Nataliya Tlyapova and Ivan Kurnakov, Positive Technologies. Yokogawa has patches to mitigate the vulnerabilities in products that are not yet at end-of-life. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

 

The two reported vulnerabilities are:

 

• Improper authentication - CVE-2020-5608, and

• Path traversal - CVE-2020-5609

