Review – 16 Advisories Published – 10-13-22

Today, CISA’s NCCIC-ICS published sixteen control system security advisories for products from Hitachi Energy and Siemens (15). Nine updates were also published, they will be addressed in a separate post.

Hitachi Energy Advisory - This advisory discusses the SpringShell vulnerabilities in the Hitachi Energy Lumada Asset Performance Manager (APM).

NOTE: I briefly discussed these vulnerabilities on May 8^th, 2022.

LOGO! Advisory #1 - This advisory describes an insufficient verification of data authenticity in the Siemens LOGO! programmable logic controller.

LOGO! Advisory #2 - This advisory describes three vulnerabilities in the Siemens LOGO! 8 BM (Base Module) devices.

Industrial Edge Advisory - This advisory describes an improper certificate validation vulnerability in the Siemens Industrial Edge Management platform.

Solid Edge Advisory - This advisory descries a heap-based buffer overflow in the Siemens Solid Edge portfolio of software tools.

SIMATIC Advisory #1 - This advisory describes an insufficiently protected credentials vulnerability in the Siemens SIMATIC S7-1200 and S7-1500 CPU families.

NOTE: Siemens provides links to an additional bulletin (SSB-898115) with more information about the vulnerability.

SIMATIC Advisory #2 - This advisory describes an improper input validation vulnerability in the Siemens SIMATIC Human Machine Interface (HMI) Panels.

Desigo Advisory #1 - This advisory describes seven vulnerabilities in the Siemens Desigo PXM Devices.

Desigo Advisory #2 - This advisory describes a use of client-side authentication vulnerability in the Siemens Desigo CC and Cerberus danger management station (DMS).

Nucleus RTOS Advisory - This advisory discusses an uncontrolled resource consumption vulnerability in the Siemens Nucleus Real-Time Operating System (RTOS) FTP Server.

NOTE: The Siemens advisory notes that Kaspersky reported the vulnerability to WAGO (in their 750 controller) who in-turn reported it to Siemens.

TCP Event Advisory - This advisory describes an improper input validation vulnerability in the Siemens SCALANCE and RUGGEDCOM Smart Security Manager.

SICAM Advisory - This advisory describes two vulnerabilities in the Siemens SICAM P850 and P855 devices.

JT Open Advisory - This advisory describes an access of unitialized pointer vulnerability in the Siemens JT Open Toolkit and Simcenter Femap.

SCALANCE Advisory #1 - This advisory describes a missing authorization vulnerability in the Siemens SCALANCE and RUGGEDCOM products.

SCALANCE Advisory #2 - This advisory describes a cross-site scripting vulnerability in the Siemens SCALANCE X-200 and X-200IRT Families.

APOGEE Advisory - This advisory describes an uncontrolled resource consumption vulnerability in the Siemens FTP Server of Nucleus RTOS based APOGEE, TALON and Desigo PXC/PXM Products.

 

For more details about these advisories, including links to researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/16-advisories-published-10-13-22 - subscription required.