Today, CISA’s NCCIC-ICS published 20 control system security advisories for products from Siemens (17), Rockwell Automation (2), and HMS Industrial Networks. They also updated an advisory for products from Mitsubishi.
Advisories
HMS Advisory - This advisory describes a cross-site scripting vulnerability in the HMS Anybus-CompactCom 30 industrial communication interface.
Rockwell Advisory #1 - This advisory describes two improper privilege management vulnerabilities in the Rockwell FactoryTalk System Services and Policy Manager products.
Rockwell Advisory #2 - This advisory describes three improper input validation vulnerabilities in the Rockwell ThinManager ThinServer.
SIMATIC Advisory #1 - This advisory describes a deserialization of untrusted data vulnerability in the Siemens SIMATIC PCS and STEP 7 products.
SIMATIC Advisory #2 - This advisory describes an exposure of private personal information to an unauthorized actor vulnerability in the Siemens PCS 7 and WinCC SIMATIC products.
SIMATIC Advisory #3 - This advisory describes an improperly controlled sequential memory allocation vulnerability in the Siemens SIMATIC and SIMIT products.
SINEMA Advisory #1 - This advisory describes three command injection vulnerabilities in the Siemens SINEMA Remote Connect Client.
SINEMA Advisory #2 - This advisory describes two command injection vulnerabilities in the Siemens SINEMA Remote Connect Server.
SIPROTEC Advisory - This advisory describes an inadequate encryption strength vulnerability in the Siemens SIPROTEC products.
TIA Portal Advisory #1 - This advisory describes a deserialization of untrusted data vulnerability in the Siemens TIA Portal, SIMATIC, and SIRIUS products.
TIA Portal Advisory #2 - This advisory describes a deserialization of untrusted data vulnerability in the Siemens TIA Portal and SIMATIC STEP 7 products.
RUGGEDCOM Advisory #1 - This advisory discusses the Terrapin-Attack vulnerability in the Siemens RUGGEDCOM APE1808 product.
RUGGEDCOM Advisory #2 - This advisory describes four vulnerabilities in the Siemens RUGGEDCOM products.
RUGGEDCOM Advisory #3 - This advisory discusses four vulnerabilities in the Siemens RUGGEDCOM APE 1808 product.
JT Open Advisory - This advisory describes two vulnerabilities in the Siemens JT Open and PLM XML SDK products.
Mendix Advisory - This advisory describes a use of hard-coded, security relevant constants vulnerability in the Siemens Mendix Encryption product.
SCALANCE Advisory - This advisory discusses the BlastRadius.Fail vulnerability in multiple Siemens product lines.
SIMCENTER Advisory - This advisory describes 15 vulnerabilities in the Siemens Simcenter Femap product.
Teamcenter Advisory - This advisory describes an out-of-bounds read vulnerability in the Siemens Teamcenter Visualization and JT2Go products.
Remote Connect Server Advisory - This advisory describes 13 vulnerabilities in the Siemens SINEMA Remote Connect Server.
Update
Mitsubishi Update - This update provides additional information for the MELSEC iQ-R advisory that was originally published on December 22nd, 2022 and most recently updated on May 30th, 2024.
For more information on these advisories, including links to third-party advisories and researcher reports, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/20-advisories-and-1-update-published - subscription required.