This week we have seven vendor disclosures from Eaton, HMS, Bender, Sprecher, Bosch, Rockwell, and Carestream. There are also three vendor updates from ABB and Eaton (2). We also have an exploit that was published for products from BACnet Interoperability Test Services, Inc.
Eaton Advisory
Eaton published an advisory for the CodeMeter vulnerabilities in their Xsoft-CODESYS programming software.
NOTE: This is the first CodeMeter advisory that is specifically tied to the 4th party CODESYS implmenetation of the Wibu-Systems code that I have seen.
HMS Advisory
HMS published an advisory for the Ripple20 [corrected link, 10-18-20 0846 EDT] vulnerabilities, reporting that none of their products are affected.
NOTE: The advisory indicates that HMS employed a third-party research firm to help them assess the potential exposure to these vulnerabilities.
Bender Advisory
Bender published an advisory describing an improper authentication vulnerability in their COMTRAXX products. The vulnerability was reported by Maxim Rupp. Bender has a new software version that mitigates the vulnerability. There is no indication that Maxim has been provided an opportunity to verify the efficacy of the fix.
Sprecher Advisory
Sprecher published an advisory describing an input validation vulnerability in their SPRECON-E engineering tools. The vulnerability was reported by Gregor Bonney of CyberRange-e at Innogy. Sprecher has a firmware update that mitigates the vulnerability. There is no indication that Bonney has been provided an opportunity to verify the efficacy of the fix.
Bosch Advisory
Bosch published an advisory describing the Microsoft® remote desktop services vulnerability in their Rexroth industrial PCs.
Rockwell Advisory
Rockwell published an advisory describing five buffer overflow vulnerabilities in their 1794-AENT Flex I/O products. The vulnerabilities were reported (here, here and here) by Jared Rittle of Cisco Talos. Rockwell provides generic workarounds to mitigate these vulnerabilities.
NOTE: The Cisco Talos reports provide proof-of-concept code for the vulnerabilities.
Carestream Advisory
Carestream published an advisory [.PDF download link] describing the Microsoft Bad Neighbor vulnerability. Carestream is looking into the potential effects of this vulnerability on their products.
ABB Update
ABB published an update of their CodeMeter advisory for their Automation Builder products that was originally published on September 17th, 2020. ABB reports that CVE-2020-14517 has not been closed in the latest version of the Wibu-Systems CodeMeter (v.7.10a). That version has been integrated into the latest version of Automation Builder.
Eaton Updates
Eaton published an update for their Ripple20 [Corrected link, 10-18-20, 0851 EDT] advisory that was originally published on June 23rd, 2020 and most recently updated on July 24th, 2020. The new information includes updated mitigation information for Form 4D.
Eaton published an update for their Triangle MicroWorks DNP3 Outstation Libraries vulnerability advisory that was originally published on April 22nd, 2020 and most recently updated on August 6th, 2020. Eaton has updated their affected product list and mitigation measures.
NOTE: The NCCIC-ICS advisory was never updated to provide links to vendors reporting these library vulnerabilities in their products.
BACnet Exploit
Zero Science Lab published an exploit for a remote denial of service vulnerability in the BACnet Test Server from BACnet Interoperability Test Services, Inc. There is no report of a coordinated disclosure or CVE # for this vulnerability so it looks like it may be a 0-day exploit.
More to Come
Part II of this post will include Schneider and Siemens
advisories and updates.
2 comments:
The URL in the HMS paragraph points to a file on the local disk C:
Thanks for catching the error. It has been corrected.
Post a Comment