Tuesday, September 14, 2021

Review - 23 Advisories Published – 9-14-21

Today CISA’s NCCIC-ICS published 23 advisories for products from Siemens (20), Schneider, Johnson Controls and Digi.

They also published 22 updates, but I will address those in a subsequent article. Siemens published an additional four new advisories today, and Schneider published three other new advisories today. I will address all seven of them this weekend in my ‘Public ICS Disclosure’ blog post.

SIMATIC Advisory #1 - This advisory describes an incorrect authorization vulnerability in the Siemens SIMATIC, TIM products.

Teamcenter Advisory #1 - This advisory describes a path traversal vulnerability in the Siemens Teamcenter Active Workspace.

Industrial Edge Advisory - This advisory describes an authorization bypass through user-controlled key vulnerability in the Siemens Industrial Edge Management.

LOGO! Advisory #1 - This advisory discusses two vulnerabilities in the Siemens LOGO! CMR2020, LOGO! CMR2040 and SIMATIC RTU 3000 family.

SINEMA Advisory #1 - This advisory describes six vulnerabilities in the Siemens SINEMA Remote Connect Server.

Siveillance Advisory - This advisory describes an OS command injection vulnerability in the Siemens Siveillance OIS Building Management Systems products.

Desigo Advisory - This advisory describes a deserialization of untrusted data vulnerability in the Siemens Desigo CC Family.

SIPROTEC Advisory #1 - This advisory describes an improper input validation vulnerability in the Siemens SIPROTEC 5 relays.

SIMATIC Advisory #1 - This advisory describes an improper operation within the bounds of a memory buffer vulnerability in the Siemens SIMATIC NET CP Modules.

SINEC Advisory - This advisory describes two vulnerabilities in the Siemens SINEC network management system (NMS).

LOGO! Advisory #2 - This advisory describes a use of insufficiently random values vulnerability in the Siemens LOGO! CMR, SIMATIC RTU 3000.

SINEMA Advisory #2 - This advisory describes a missing authentication for critical function vulnerability in the Siemens SINEMA Server.

SIMATIC Advisory #2 - This advisory describes an out-of-bounds write vulnerability in the Siemens SIMATIC RFID terminals.

SIPROTEC Advisory #2 - This advisory describes two classic buffer overflow vulnerabilities in the Siemens SIPROTEC 5 relays.

NX Advisory - This advisory describes two vulnerabilities in the Siemens NX product.

Teamcenter Advisory #2 - This advisory describes a path traversal vulnerability in the Siemens Teamcenter Active Workspace. The vulnerability is self-reported. (Appears to be a duplicate advisory.)

Apogee Advisory - This advisory describes a classic buffer overflow vulnerability in the Siemens APOGEE and TALON direct digital controls.

SIMATIC Advisory #3 - This advisory describes a clear-text storage of sensitive information vulnerability in the Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) and SIMATIC CP 1545-1 products.

Simcenter Advisory #1 - This advisory describes an out-of-bounds write vulnerability in the Siemens Simcenter STAR-CCM+ Viewer.

Simcenter Advisory #2 - This advisory describes an out-of-bounds read vulnerability in the Siemens Simcenter Femap simulation application.

Schneider Advisory - This advisory describes two vulnerabilities in the Schneider StruxureWare Data Center Expert.

Johnson Controls Advisory - This advisory describes an authentication bypass by capture-replay in the Johnson Controls KT-1 door controller.

For more details on these advisories, including links to vendor advisories, third-party advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/23-advisories-published-9-14-21 - subscription required.
