We have four new vendor notifications from Schneider. We also have nine vendor updates from Schneider (6) and Siemens (3).
Schneider Advisories
Schneider published an advisory describing a credentials management vulnerability in their Modicon Ethernet Programmable Automation products. The vulnerability was reported by Yang Dong of DingXiang Dongjian Security Lab. Schneider has new firmware versions that mitigate the vulnerabilities. There is no indication that Yang has been provided an opportunity to verify the efficacy of the fix.
Schneider published an advisory describing an insufficiently random values vulnerability in their Smartlink, PowerTag, and Wiser series gateways. The vulnerability is self-reported. Schneider has new firmware versions that mitigate the vulnerability.
Schneider has published an advisory describing three vulnerabilities in their EcoStruxure™ and SmartStruxure™ Power Monitoring & SCADA Software. The vulnerabilities were reported by Michiel Evers and Niels Pirotte. Schneider has new products and upgrades that mitigate the vulnerabilities in some of the affected systems. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The three reported vulnerabilities are:
• Improper access control (2) - CVE-2020-7545
and CVE-2020-7547, and
• Improper neutralization of input during web page generation - CVE-2020-7546
Schneider published an advisory for the Microsoft® Netlogon vulnerability. Schneider has not yet determined how the MS patch would affect their systems.
Schneider Updates
Schneider published an update for their Ripple20 advisory that was originally published on June 23, 2020 and most recently updated on September 1st, 2020. The new information includes adding remediation guidance for:
• VW3A3310 Altivar 61/71 Modbus
TCP,
• VW3A3310D Altivar 61/71 Ethernet
daisy chain,
• VW3A3316 Altivar 61/71 Ethernet
IP, and
• VW3A3320 Altivar 61/71 Ethernet IP RSTP
Schneider published an update for their Urgent/11 advisory that was originally published on August 2nd, 2019 and most recently updated on June 9th, 2020. The new information includes providing updated remediations for:
• Modicon LMC078 Controller,
• Modicon M580 Ethernet communications
Modules,
• Modicon M580 IEC 61850 -
BMENOP0300 (C),
• Modicon MC80 Programmable Logic
Controller,
• Modicon Quantum 140 NOP Communications
Module,
• PacDrive 3 Eco/Pro/Pro2 Motion
Controllers,
• Pro-face HMI -GP4000H/R/E Series, GP4100 Compact Series, LT4000M Modular Series
Schneider published an update for the advisory on their Modbus Serial Driver that was originally published on August 11th, 2020. The new information includes adding a remediation note for EcoStruxure Machine Expert Basic.
Schneider published an update for the advisory on their Modicon Controllers that was originally published on May 14th, 2019 and most recently updated on August 11th, 2020. The new information includes additional remediation steps for M580 and M340.
Schneider published an update for the advisory on their SCADAPack products that was originally published on September 8th, 2020. The new information includes correcting the fix version of RemoteConnect from V2.3.2 to V2.4.2 package.
Schneider published an update for the advisory on their Modicaon Controllers that was originally published on March 16th, 2017. The new information includes updates in the following sections (a fairly major rewrite):
• Products affected,
• Vulnerability details,
• Remediation, and
• Acknowledgement
NOTE: This advisory was one of three that were included in the ICS-CERT advisory, ICSA-17-089-02. NCCIC-ICS should probably update that advisory.
Siemens Updates
Siemens published an update for their Intel CPU advisory that was originally published on February 11th, 2020 and most recently updated on July 14th, 2020. The new information includes updated solutions for:
• SIMATIC IPC427E,
• SIMATIC IPC477E, and
• SIMATIC IPC477E Pro
Siemens published an update for their GNU/Linux advisory that was originally published in 2018 and most recently updated on September 8th, 2020. The new information includes adding:
• CVE-2019-19037,
• CVE-2020-10732,
• CVE-2020-14145,
• CVE-2020-14381,
• CVE-2020-1968,
• CVE-2020-24394,
• CVE-2020-25212, and
• CVE-2020-25220
Siemens published an update for their CodeMeter advisory that was originally published on September 8th, 2020. The new information includes:
• Adding PSS CAPE Protection
Simulation Platform to the list of affected product,
• Adding solution by software update
for SIMATIC WinCC OA,
• Adding solution by installation of latest CodeMeter Runtime version for SIMIT, SINEC INS, and PSS CAPE
NOTE: The original Siemens advisory was included in the
initial list of covered vendors in ICSA-20-203-01.
NCCIC-ICS would not be expected to specifically note this updated advisory since
the link provide would go to the updated version on the Siemens web site.
No comments:
Post a Comment