Thursday, September 8, 2022

Review – 2 Advisories and 2 Updates Published – 9-8-22

Today, CISA’s NCCIC-ICS published a control system security advisory for products from MZ Automation and a medical device security advisory for products from Baxter. They also updated advisories for products from PTC and Hillrom.

MZ Advisory - This advisory describes four vulnerabilities in MZ Automation's libIEC61850, an open-source library that implements the IEC 61850 protocol stack.

NOTE: Since this is a library rather than a stand-alone product, the vulnerabilities are only exploitable in a product that embeds the library. So, we can expect to see these show up again as third-party component vulnerabilities in advisories for products from other vendors.

Baxter Advisory - This advisory discusses four vulnerabilities (with proof-of-concept code available) in the Baxter Sigma Spectrum Infusion Pumps. The Baxter advisory notes that the vulnerabilities only affect the Spectrum Wireless Battery Module (WBM) that may be used with the infusion pumps.

PTC Update - This update provides new information on an advisory that was originally published on August 30th, 2022.

Hillrom Update - This update provides new information on an advisory that was originally published on June 1st, 2021 and most recently updated on December 14th, 2021.

NOTE: The Hillrom advisory is nearly a duplicate of the CISA advisory (including the questionable use of the CISA seal), but it specifically mentions the December 14th, 2021 update, which the CISA advisory does not directly reference. I also like their use of the ‘Unclassified’ document marking.

For more details about these advisories and updates, including links to researcher reports, see my article at CFSN Detailed Analysis (subscription required).
