Today CISA’s NCCIC-ICS published two control system security advisories for products from AGG Software and Rockwell Automation. They also published a medical device security advisory for products from ZOLL.
AGG Advisory
This advisory describes two vulnerabilities in the AGG Web Server. The vulnerabilities were reported by Michael Heinzl. AGG has a new version that mitigates the vulnerabilities. There is no indication that Heinzl has been provided an opportunity to verify the efficacy of the fix.
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerabilities to allow remote code execution and exposure of arbitrary system files.
Rockwell Advisory
This advisory describes a protection mechanism failure vulnerability in the Rockwell FactoryTalk Services Platform. The vulnerability is self-reported. Rockwell has a new version that mitigates the vulnerability.
NCCIC-ICS reports that an uncharacterized attacker could remotely exploit the vulnerability to allow remote, authenticated users to bypass FactoryTalk Security policies that are based on a computer name.
ZOLL Advisory
This advisory describes six vulnerabilities in the ZOLL Defibrillator Dashboard. The vulnerabilities were reported anonymously to CISA. ZOLL has new versions that mitigate the vulnerabilities.
The six reported vulnerabilities are:
• Unrestricted upload of file with dangerous type - CVE-2021-27489,
• Use of hard-coded cryptographic key - CVE-2021-27481,
• Cleartext storage of sensitive information - CVE-2021-27487,
• Cross-site scripting - CVE-2021-27479,
• Storing passwords in a recoverable format - CVE-2021-27485, and
• Improper privilege management - CVE-2021-27483
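Three of the weakness classes in that list (hard-coded cryptographic key, passwords stored in a recoverable format, and unrestricted upload of a dangerous file type) are common enough that a short illustration of the weak pattern beside its hardened form is useful for anyone reviewing their own code against this advisory. The following is an added example written for this post; it is not ZOLL's code, says nothing about how the Dashboard is implemented, and uses only the Python standard library. The key, password, and allowed-extension set are constructed values.

```python
import hashlib
import hmac
import os
import secrets

# --- Weak pattern: a hard-coded key makes password storage reversible ---
# Constructed demo key. Anyone who reads the source (or the binary) holds it,
# which is what the "hard-coded cryptographic key" finding class describes.
HARDCODED_KEY = b"static-demo-key"


def _xor_with_key(data: bytes) -> bytes:
    """Symmetric XOR against the fixed key; applying it twice returns the input."""
    return bytes(b ^ HARDCODED_KEY[i % len(HARDCODED_KEY)] for i, b in enumerate(data))


def weak_store_password(password: str) -> bytes:
    """'Protects' a password with a reversible transform keyed by a constant."""
    return _xor_with_key(password.encode("utf-8"))


def weak_recover_password(stored: bytes) -> str:
    """Recovers the cleartext: the stored form is recoverable by design."""
    return _xor_with_key(stored).decode("utf-8")


# --- Hardened pattern: salted, iterated one-way hash; nothing to recover ---
PBKDF2_ITERATIONS = 600_000  # assumption: a current OWASP-range work factor


def hash_password(password: str) -> str:
    """Returns a self-describing record: algorithm$iterations$salt$digest."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recomputes the digest from the stored salt and compares in constant time."""
    algo, iterations, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


# --- Upload check: allow-list the extension, reject any path component ---
ALLOWED_EXTENSIONS = {".csv", ".pdf", ".png"}  # constructed allow-list for the demo


def is_acceptable_upload(filename: str) -> bool:
    """True only for a bare file name whose extension is on the allow-list."""
    base = os.path.basename(filename)
    if base != filename or base in ("", ".", ".."):
        return False  # directory separators or traversal tokens present
    _, ext = os.path.splitext(base)
    return ext.lower() in ALLOWED_EXTENSIONS


if __name__ == "__main__":
    weak = weak_store_password("s3cret")
    print("weak storage recovers cleartext:", weak_recover_password(weak))
    record = hash_password("s3cret")
    print("hashed record:", record)
    print("verify correct:", verify_password("s3cret", record))
    print("verify wrong:", verify_password("wrong", record))
    for name in ("readings.csv", "shell.php", "../etc/passwd"):
        print(name, "->", is_acceptable_upload(name))
```

The weak half exists only to make the point concrete: because the transform is keyed by a constant and is invertible, an attacker who obtains the stored values and the key (both of which ship with the product) gets every password back. The hardened half stores a per-user random salt and a one-way digest, so a leaked table yields nothing directly usable, and `hmac.compare_digest` avoids timing leaks during verification. The upload check is deliberately strict about path components; an extension allow-list alone does nothing against a name like `../../config`.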
NCCIC-ICS reports that a relatively low-skilled attacker could remotely exploit the vulnerabilities to allow remote code execution, allow an attacker to gain access to credentials, or impact confidentiality, integrity, and availability of the application.