Today the CISA NCCIC-ICS published four control system security advisories for products from Delta Industrial, Eaton, Omron, and Hitachi-ABB Power Grids. They also published a medical device security advisory for products from Innokas Yhtyma Oy.
Delta Advisory
This advisory describes four vulnerabilities in the Delta CNCSoft-B software management platform. The vulnerabilities were reported by Kimiya via the Zero Day Initiative (ZDI). Delta has a new version that mitigates the vulnerabilities. There is no indication that Kimiya has been provided an opportunity to verify the efficacy of the fix.
The four reported vulnerabilities are:
• Out-of-bounds write - CVE-2020-27287,
• Out-of-bounds read - CVE-2020-27291,
• Untrusted pointer dereference - CVE-2020-27289, and
• Type confusion - CVE-2020-27293
NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit these vulnerabilities to achieve arbitrary code execution.
Eaton Advisory
This advisory describes two vulnerabilities in the Eaton EASYsoft product. The vulnerabilities were reported by Francis Provencher via ZDI. Eaton is continuing to work on developing mitigation measures.
The two reported vulnerabilities are:
• Type confusion - CVE-2020-6656, and
• Out-of-bounds read - CVE-2020-6655
NCCIC-ICS reports that an uncharacterized attacker with uncharacterized access could exploit these vulnerabilities to modify or crash the program.
Omron Advisory
This advisory describes three vulnerabilities in the Omron CX-One automation software suite. The vulnerabilities were reported by rgod via ZDI. Omron has an update available to mitigate the vulnerabilities. There is no indication that rgod has been provided an opportunity to verify the efficacy of the fix.
The three reported vulnerabilities are:
• Untrusted pointer dereference - CVE-2020-27259,
• Stack-based buffer overflow - CVE-2020-27261, and
• Type confusion - CVE-2020-27257
NCCIC-ICS reports that a relatively low-skilled attacker with uncharacterized access could exploit these vulnerabilities to crash the device being accessed. In addition, a buffer overflow condition may allow remote code execution.
Hitachi-ABB Advisory
This advisory describes an improper authentication vulnerability in the Hitachi-ABB FOX615. This is reported as a third-party vulnerability in the Libssh service. The vulnerability was self-reported. Hitachi-ABB has firmware updates that mitigate the vulnerability.
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit this vulnerability to gain remote access to the device without authentication.
NOTE: This vulnerability was reported by Libssh.org in 2018. An exploit was reported for this vulnerability by DAYANÇ SOYADLI in October 2018.
Innokas Advisory
This advisory describes two vulnerabilities in the Innokas Vital Signs Monitor VC150. The vulnerabilities were reported by Julian Suleder, Nils Emmerich, Birk Kauer, and Dr. Oliver Matula of ERNW via the German BSI. Innokas has a new version that mitigates the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The two reported vulnerabilities are:
• Cross-site scripting - CVE-2020-27262, and
• Improper neutralization of special elements in output used by a downstream component - CVE-2020-27260
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerabilities to modify communications between downstream devices or cause some features of the affected devices to become disabled.