Today, CISA’s NCCIC-ICS published 16 control system security advisories for products from Rockwell Automation and Siemens (15). They also updated an advisory for products from Mitsubishi.
CISA addressed each of the 15 advisories that Siemens published on Tuesday. As per their policy from last year, they did not publish updates for the eight Siemens updates from Tuesday. Nor did they address the three Schneider advisories and one update published that day. I will cover all of those this weekend.
Advisories
Rockwell Advisory - This advisory describes an incorrect execution-assigned permissions vulnerability in the Rockwell FactoryTalk Service Platform.
SINEC Advisory - This advisory discusses 62 vulnerabilities in the Siemens SINEC NMS product.
Polarion Advisory - This advisory describes two vulnerabilities in the Siemens Polarion ALM product.
Parasolid Advisory - This advisory describes two vulnerabilities in the Siemens Parasolid products. The vulnerabilities were self-reported.
SIMATIC Advisory #1 - This advisory describes two NULL pointer dereference vulnerabilities in the Siemens SIMATIC and OpenPCS products.
SIMATIC Advisory #2 - This advisory describes a use of hard-coded credentials vulnerability in the Siemens Location Intelligence products.
SIMATIC Advisory #3 - This advisory discusses an improper restriction of operations within the bounds of a memory buffer vulnerability in the Siemens SIMATIC RTLS Gateway products.
SCALANCE Advisory #1 - This advisory discusses 160 vulnerabilities in the Siemens SCALANCE XCM-/XRM-300 products.
SCALANCE Advisory #2 - This advisory describes eight vulnerabilities in the Siemens SCALANCE SC-600 family of products.
SCALANCE Advisory #3 - This advisory discusses fourteen vulnerabilities in the Siemens SCALANCE W1750D products.
Simcenter Advisory - This advisory describes six vulnerabilities in the Siemens Simcenter Femap product.
RUGGEDCOM Advisory - This advisory discusses a missing authentication for critical function vulnerability in the Siemens RUGGEDCOM APE1808.
Tecnomatix Advisory - This advisory describes ten vulnerabilities in the Siemens Tecnomatix Plant Simulation product.
Unicam Advisory - This advisory describes an incorrect use of privileged APIs vulnerability in the Siemens Unicam FX product.
Location Analysis Advisory - This advisory describes a use of hard-coded credentials in the Siemens Location Intelligence products.
CP-343-1 Advisory - This advisory describes an improper verification of a source of a communication channel vulnerability in the Siemens SIMATIC/SIPLUS Net CP 343 product lines.
SIDIS Advisory - This advisory discusses five vulnerabilities in the Siemens SIDIS Prime product.
Updates
Mitsubishi Update - This update provides additional information on an advisory that was originally published on November 2nd, 2023.
For more details about these advisories, including links to 3rd party advisories, researcher reports and exploits, as well as a brief look at a new notice on the NIST.NVD pages, see my article at CFSN Detailed analysis - https://patrickcoyle.substack.com/p/16-advisories-and-1-update-published-b6c - subscription required.