Thursday, April 1, 2021

1 Advisory Published – 4-1-21

Today the CISA NCCIC-ICS published one control system security advisory for products from Rockwell Automation.

Rockwell Advisory

This advisory describes nine vulnerabilities in the Rockwell FactoryTalk AssetCentre. The vulnerabilities were reported by Sharon Brizinov and Amir Preminger of Claroty. Rockwell has a new version that mitigates the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.

The nine reported vulnerabilities are:

• Deserialization of untrusted data (4) - CVE-2021-27462, CVE-2021-27466, CVE-2021-27470, and CVE-2021-27460,

• Use of potentially dangerous function - CVE-2021-27474,

• OS command injunction - CVE-2021-27476, and

• SQL injection - CVE-2021-27472, CVE-2021-27468, and CVE-2021-27464

NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit these vulnerabilities to allow unauthenticated attackers to perform arbitrary command execution, SQL injection, or remote code execution.

No comments:

/* Use this with templates/template-twocol.html */