Today the CISA NCCIC-ICS published two control system security advisories for products from GE.
Reason S20 Advisory
This advisory describes two cross-site scripting vulnerabilities in the GE Reason S20 Ethernet Switch. The vulnerability was reported by IOActive. GE has newer firmware versions that mitigate the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to allow unauthorized accounts manipulation and allow for remote code execution.
APM Advisory
This advisory describes two vulnerabilities in the GE Digital APM Classic data analysis tool. The vulnerability was reported by Guido Marilli of Accenture Security. GE has a new version that mitigates the vulnerabilities. There is no indication that Marilli has been provided an opportunity to verify the efficacy of the fix.
The two reported vulnerabilities are:
• Authorization bypass through user-controlled
key - CVE-2020-16240, and
• Use of a one-way hash without a salt - CVE-2020-16244
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerabilities to allow access to sensitive information. The GE Digital advisory states that “GE believes exploitation of the Vulnerabilities is only possible if an attacker was first authenticated.”
No comments:
Post a Comment