Tuesday, October 20, 2020

2 Advisories and 2 Updates Published – 10-20-20

Today the CISA NCCIC-ICS published two control system security advisories for products from Hitachi ABB Power Grids and Rockwell Automation, and updated an advisory for products from WECON. They also updated a medical device security advisory for products from Capsule Technologies.

Hitachi ABB Advisory

This advisory describes an improper authentication vulnerability in the Hitachi ABB XMC20 Multiservice-Multiplexer. The vulnerability is self-reported. Hitachi ABB has new firmware versions that mitigate the vulnerability.

NOTE: The Hitachi ABB advisory describes this as a third-party vulnerability in libssh. They also report that exploit code is publicly available for the vulnerability. This vulnerability was reported by Peter Winter-Smith of NCC Group. An article on ZDNet.com notes that this is not the most commonly used SSH library, but we must assume that other vendor products may be affected by this vulnerability.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit this vulnerability to take control of the product.

Rockwell Advisory

This advisory describes three classic buffer overflow vulnerabilities in the Rockwell 1794-AENT Flex I/O Series B EtherNet/IP adapters. The vulnerabilities were reported (here, here and here) by Jared Rittle of Cisco Talos. Rockwell provides generic workarounds for these vulnerabilities.

NOTE: The Cisco Talos reports contain proof-of-concept exploit code for the vulnerabilities.

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to crash the device being accessed, resulting in a buffer overflow condition that may allow remote code execution.

NOTE: I briefly reported on these vulnerabilities last Saturday.

WECON Update

This update provides additional information on an advisory that was originally published on August 25, 2020. The new information includes:

• Adding ‘improper restriction of xml external entity reference’ as a new vulnerability,

• Adding ‘and obtain sensitive information’ to the risk evaluation, and

• Adding ‘Mehmet D. INCE @mdisec from T0.Group’ as a reporting researcher.

Capsule Technologies Update

This update provides additional information on an advisory that was originally published on July 14th, 2020. The new information includes updated affected version information and links to mitigation measures.
