Thursday, December 16, 2021

Review - 20 Advisories Published – 12-16-21

Today, CISA’s NCCIC-ICS published 20 control system security advisories for products from Siemens (15), Mitsubishi Electric (2), Wibu Systems, Delta Electronics, and Xylem. They also published six updates; I will cover these in a separate post. All of the new advisories that Siemens published on Tuesday were covered today by NCCIC-ICS.

JTTK Advisory #1 - This advisory describes two vulnerabilities in the Siemens JTTK and JT Utilities.

NOTE: The Siemens advisory reports ZDI-Canada reference numbers for these two vulnerabilities. Those, in turn point to Bentley CVE’s; CVE-2021-34878, CVE-2021-34898, and CVE-2021-34937 (links are to ZDI reports, CVE’s are still ‘Reserved’). There are a total of 77 ZDI reports for a variety of vulnerabilities in the Bentley View CAD product.

SiPass Advisory - This advisory describes three separate exposure of resources to wrong sphere vulnerabilities in the Siemens SiPass Integrated.

Teamcenter Advisory - This advisory describes a path traversal vulnerability in the Siemens Teamcenter Active Workspace.

JT Utilities Advisory - This advisory describes 16 vulnerabilities in the Siemens JT Utilities, JT Open Toolkit.

Healthineers Advisory - This advisory describes two separate out-of-bounds write vulnerability in the Siemens Healthineers syngo fastView.

NOTE: This should be a medical device security advisory; syngo fastView is a standalone viewer for DICOM2 images.

Simcenter Advisory - This advisory describes an out-of-bounds write vulnerability in the Siemens Simcenter STAR-CCM+ Viewer.

Siveillance Advisory - This advisory describes three separate exposure of resource to wrong sphere vulnerabilities in the Siemens Siveillance Identity self-service portal.

Questa Advisory - This advisory describes an insufficiently protected credential vulnerability in the Siemens Questa Simulation and ModelSim Simulation integrated circuit simulators.

NOTE: The research paper reporting this vulnerability is entitled: “How Not to Protect Your IP – An Industry-Wide Break of IEEE 1735 Implementations”. This vulnerability is not limited to these two Siemens products.

SIMATIC ITS Advisory - This advisory describes a using components with (19) known vulnerabilities vulnerability in the Siemens IMATIC ITC Products.

SIMATIC Advisory - This advisory describes a path traversal vulnerability in the Siemens SIMATIC eaSie PCS 7 Skill Package.

JT2Go Advisory - This advisory describes 16 vulnerabilities in the Siemens JT2Go and Teamcenter Visualization products.

SINUMERIK Advisory - This advisory describes an improper certificate validation vulnerability in the Siemens SINUMERIK Edge platform.

JTTK Advisory #2 - This advisory describes three vulnerabilities in the Siemens JTTK and JT Utilities.

Power Meter Advisory - This advisory describes a stack-based buffer overflow vulnerability in the Siemens POWER METER SICAM Q100.

Capital VSTAR Advisory - This advisory discusses the NUCLEUS:13 vulnerabilities in the Siemens Capital VSTAR.

FA Engineering Advisory - This advisory describes two vulnerabilities in the Mitsubishi FA Engineering Software.

GX Works2 Advisory - This advisory describes an improper handling of length parameter inconsistency vulnerability in the Mitsubishi GX Works2 engineering software suite.

NOTE: Mitsubishi published another advisory and 1 update today. I will address those this weekend.

Wibu Advisory - This advisory describes an improper privilege management vulnerability in the Wibu CodeMeter.

NOTE: I briefly discussed this vulnerability in early October 2021.

Delta Advisory - This advisory describes an out-of-bounds read vulnerability in the Delta CNCSoft industrial automation software.

Xylem Advisory - This advisory describes a use of hard-coded credentials vulnerability in the Xylem AquaView SCADA system.

For more details on these advisories, including links to third-party advisories, exploits and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/20-advisories-published-12-16-21 - subscription required.

No comments:

 
/* Use this with templates/template-twocol.html */