This week we have nine disclosures for products from Schneider. We also have eight vendor updates for products from Siemens (5) and Schneider (3). Finally, we have two researcher reports about vulnerabilities in products from Schneider.
Schneider Advisories
Schneider published an
advisory describing a write-what-where condition vulnerability in their EcoStruxure™
Control Expert. The vulnerability was
reported by Jared Rittle of Cisco Talos; the report contains
proof-of-concept code. Schneider provides generic workarounds pending
development of remediation measures.
Schneider published an
advisory describing an insufficiently protected credentials vulnerability
in their EcoStruxure Geo SCADA Expert. The vulnerability is being
self-reported. Schneider has updates available that mitigate the vulnerability.
Schneider published an advisory describing two vulnerabilities in their Web Server on Modicon M340 communication modules. The vulnerabilities were reported by DongJian Security Lab and the Russian BDU FSTEC (report here). Schneider has new firmware versions that mitigate the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The two reported vulnerabilities are:
• Forced browsing - CVE-2020-7541,
and
• Improper check for unusual or
exceptional conditions - CVE-2020-7539
Schneider published an
advisory describing a missing authentication for critical function vulnerability
in their Web Server on Modicon M340 communications modules. The vulnerability
was reported by DongJian Security Lab. Schneider has new firmware versions that
mitigate the vulnerability. There is no indication that the researchers have
been provided an opportunity to verify the efficacy of the fix.
Schneider published an
advisory describing a path traversal vulnerability on the Web Server on
Modicon M340 communications modules. The vulnerability was reported by Zheng
Qiang. Schneider has new firmware versions that mitigate the vulnerability.
There is no indication that the researcher have been provided an opportunity to
verify the efficacy of the fix.
Schneider published an
advisory describing an improper check for unusual or exceptional conditions
vulnerability in their Web Server on Modicon M340 communications modules. The
vulnerability is being self-reported.
Schneider published an
advisory describing an improper check for unusual or exceptional conditions
vulnerability in their Modicon M340 CPU’s. The vulnerability was reported by the VAPT Team from
C3i IITK, India. Schneider has new firmware versions that mitigate the
vulnerability. There is no indication that the researchers have been provided
an opportunity to verify the efficacy of the fix.
Schneider published an
advisory describing three separate improper check for unusual or
exceptional conditions vulnerabilities in their Modicon M580 controllers. The
vulnerabilities were reported by Gao Jian of NSFOCUS, Daniel Lubel of OTORIO, Armis
Security, Victor Fidalgo Villar of INCIBE-CERT, and Gideon Guo. Schneider has
firmware updates that mitigate the vulnerabilities. There is no indication that
the researchers have been provided an opportunity to verify the efficacy of the
fix.
Schneider published an advisory describing an improper restriction of operations within the bounds of a memory buffer vulnerability in their M258 Logic Controllers and SoMachine/SoMachine Motion software. The vulnerability was reported by Kai Feng. Schneider has new versions that mitigate the vulnerability. There is no indication that Kai has been provided an opportunity to verify the efficacy of the fix.
Siemens Updates
Siemens published an update for their SegmentSmack advisory that was originally published on April 14th, 2020 and most recently updated on September 8th, 2020. The new information include updating information regarding successor products for SIMATIC RF180C and RF182C.
NOTE: NCCIC-ICS updated their advisory
for this vulnerability back in September but has not updated for this Siemens
update.
Siemens published an update for their GNU/Linux subsystem advisory that was originally published in 2018 and most recently updated on November 10th, 2020. The new information includes adding the following new vulnerabilities:
• CVE-2020-25284,
• CVE-2020-25668,
• CVE-2020-25705,
• CVE-2020-27618, and
• CVE-2020-27777
Siemens published an update for their Industrial Products advisory that was originally published on December 10th, 2019 and most recently updated on September 8th, 2020. The new information includes updating d information regarding successor products for SIMATIC RF182C and RFID 181EIP.
NOTE: NCCIC-ICS last updated their
advisory for this product back in August.
Siemens published an update for their advisory that was originally published on September 9th, 2020 and most recently updated on October 13th, 2020. The new information includes adding patch links for:
• SIMATIC HMI Basic (2nd
generation),
• Comfort (including SIPLUS
variants), and
• Mobile Panels
NOTE: NCCIC-ICS published their advisory
for these vulnerabilities back in September but has not updated it since.
Siemens published an update for their ZombieLoad advisory that was originally published on July 9th, 2019 and most recently updated on March 10th, 2020. The new information includes:
• Correcting mitigations for SIMATIC
S7-1500 CPU 1518F-4 PN/DP MFP and
• Providing updates for SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
Schneider Updates
Schneider published an update for their Ripple20 advisory that was originally published on June 23, 2020 and most recently updated on November 10th, 2020. The new information includes adding remediation for:
• SCADAPack 32 RTU,
• XUPH001 OsSense communication
module,
• XGCS850C201 OsiSense RFID compact
smart antenna,
• ATV340E Altivar Machine Drives,
• ATV630/650/660/680/6A0/6B0 Altivar
Process Drives,
• ATV930/950/960/980/9A0/9B0
Altivar Process Drives,
• VW3A3720, VW3A3721 Altivar
Process Communication Modules,
• ACE850 Sepam communication
interface,
• PowerLogic EGX300 Ethernet Gateway,
• PowerLogic EGX100 Ethernet
Gateway, and
• Acti9 Smartlink IP
Schneider published an
update for their CodeMeter
advisory that was originally
published on October 13th, 2020. The new information includes
reporting that the CodeMeter V7.10a fix qualification is confirmed for EcoStruxure
Machine SCADA Expert.
Schneider published an update for their Modicon controllers advisory that was originally published on May 14th, 2019 and most recently updated on October 18th, 2020. The new information includes adding a fix for additional attack scenario is available on M340 V3.30 for CVE-2018-7857.
Schneider Reports
Claroty published a report discussing the Modicon M221 PLC vulnerabilities reported Tuesday by Schneider.
Trustwave published a report discussing one of the Modicon
M221 PLC vulnerabilities reported
Tuesday by Schneider. This report contains proof-of-concept code for the
one-way hash vulnerability.
No comments:
Post a Comment