This is a busier week than normal, even for a ‘Second Tuesday’ week. We have three vendor notifications for the FragAttacks WiFi vulnerabilities from Aruba, Ruckus, and Texas Instruments. We have two vendor notifications for the two OPC UA vulnerabilities reported this week by NCCIC-ICS from Beckhoff, Belden. We also have twelve other vendor notifications from Braun, SITEL (4), PEPPERL+FUCHS, CODESYS (3), Dell, and PulseSecure (2).
There will be a similarly lengthy list in Part 2 tomorrow.
FragAttacks Advisories
Aruba published an advisory discussing the FragAttacks vulnerabilities. Aruba provides a list of affected products and has new versions that mitigate the vulnerabilities.
Ruckus published an advisory discussing the FragAttacks vulnerabilities. Ruckus provides a list of affected products and has updates that mitigate the vulnerabilities.
TI published an advisory discussing the FragAttacks vulnerabilities. TI provides a list of affected products and has new versions that mitigate the vulnerabilities.
OPC UA Advisories
Beckhoff published an advisory discussing the OPC UA advisories. Beckhoff provides a list of affected products and has new versions that mitigate the vulnerabilities.
Belden published an advisory discussing the OPC UA advisories. Belden provides a list of affected products and has new versions that mitigate the vulnerabilities.
Braun Advisory
Braun published an advisory describing four vulnerabilities in a number of their products. The vulnerabilities were reported by McAfee Advanced Threat Research. Braun has new versions that mitigate the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The four reported vulnerabilities are:
• Insufficient verification of data
authenticity,
• Missing authentication for
critical function,
• Clear-text transmission of
sensitive information, and
• Unrestricted upload of file with dangerous type.
SITEL Advisories
Incibe-Cert published an advisory describing a hard-coded credentials vulnerability in the SITEL CAP/PRX products. The vulnerability was reported by S21sec. SITEL has a new firmware version that mitigates the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
Incibe-Cert published an advisory describing an exposure of sensitive information to an unauthorized actor vulnerability in the SITEL CAP/PRX products. The vulnerability was reported by S21sec. SITEL has a new firmware version that mitigates the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
Incibe-Cert published an advisory describing a clear-text transmission of sensitive information vulnerability in the SITEL CAP/PRX products. The vulnerability was reported by S21sec. SITEL has a new firmware version that mitigates the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
Incibe-Cert published an advisory describing an uncontrolled resource consumption vulnerability in the SITEL CAP/PRX products. The vulnerability was reported by S21sec. SITEL has a new firmware version that mitigates the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
PEPPERL+FUCHS Advisory
CERT-VDE published an advisory describing four vulnerabilities in the PEPPERL+FUCHS ICE1 Ethernet IO Modules. These are third-party (Hilscher) vulnerabilities. PEPPERL+FUCHS has provided generic mitigation measures.
The four reported vulnerabilities are:
• Out-of-bounds write (2) - CVE-2021-20987
and CVE-2021-20986,
• Improper restriction of
operations within the bounds of a memory buffer - CVE-2021-20988,
and
• Exposure of sensitive information to an unauthorized actor - CVE-2019-18222 (Mbed TLS)
CODESYS Advisories
CODESYS published an advisory describing three vulnerabilities in their CODESYS V2 runtime systems. The vulnerabilities were reported by Yossi Reuven of SCADAfence and Sergey Fedonin and Denis Goryushev of Positive Technologies. CODESYS has updates that mitigate the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The three reported vulnerabilities are:
• Heap-based buffer overflow - CVE-2021-30186,
• Stack-based buffer overflow - CVE-2021-30188,
and
• Improper input validation - CVE-2021-30195
CODESYS published an
advisory describing six vulnerabilities in their V2 web server. The
vulnerabilities were reported by Vyacheslav Moskvin, Sergey Fedonin and Anton
Dorfman of Positive
Technologies. CODESYS has a new version that mitigates the vulnerabilities. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
The six reported vulnerabilities are:
• Stack-based buffer overflow - CVE-2021-30189,
• Improper access control - CVE-2021-30190,
• Buffer copy without checking size
of input - CVE-2021-30191,
• Improperly implemented security check
- CVE-2021-30192,
• Out-of-bounds write - CVE-2021-30193,
and
• Out-of-bounds read - CVE-2021-30194
CODESYS published an advisory describing an improper neutralization of special elements used in an OS command vulnerability in their CODESYS V2 Runtime Toolkit 32. This is a Linux implementation vulnerability. The vulnerability was reported by van Kurnakov and Sergey Fedonin of Positive Technologies. CODESYS has a new version that mitigates the vulnerability. There is no indication that the researchers have been provided an opportunity to verify the efficacy of the fix.
Dell Advisory
Dell published an advisory describing an improper authorization vulnerability in their Dell Wyse Windows Embedded System. The vulnerability was reported by Alessandro Baldini and Alessio D'Anastasio. Dell has updates that mitigate the vulnerability.
PulseSecure Advisories
PulseSecure published an advisory describing an HTTP request smuggling vulnerability in their Virtual Traffic Manager (vTM). The vulnerability was reported by James Kettle from PortSwigger Web Security. PulseSecure has new versions that mitigate the vulnerability. There is no indication that Kettle has been provided an opportunity to verify the efficacy of the fix.
PulseSecure published an
advisory describing a buffer overflow vulnerability in their Pulse Connect
Secure. PulseSecure provides a work around pending development of a new version
that will mitigate the vulnerability.
Posts
No comments:
Post a Comment