Today CISA’s NCCIC-ICS published one control system security advisory for products from Rockwell Automation.
Rockwell Advisory
This advisory describes four vulnerabilities in the Rockwell FactoryTalk Linx and FactoryTalk Services Platform. The vulnerabilities were reported by Tenable. According to the Rockwell advisory, patches are available that mitigate the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The four reported vulnerabilities are:
• Improper check or handling of
exceptional conditions - CVE-2020-5801 and CVE-2020-5802, and
• Buffer copy without checking size of input - CVE-2020-5806 and CVE-2020-5807 (Note #1: the NCCIC-ICS advisory lists the -5806 CVE twice, the second CVE is listed in the Rockwell advisory)
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to result in denial-of-service conditions (NOTE #2: The Tenable report provides a GitHub link for proof-of-concept code).
NOTE #3: I first discussed these vulnerabilities back on January
2nd, 2021 and most recently on
January 16th when Rockwell published their first update. I would
expect that this NCCIC-ICS advisory is based upon the second update that
Rockwell published last Friday.
Posts
No comments:
Post a Comment