Review – 5 Advisories and 1 Update Published – 3-29-22

Today, CISA’s NCCIC-ICS published four control system security advisories for products from Modbus, Hitachi Energy, Omron and Rockwell Automation. They also published a medical device security advisory for products from Philips. Finally, they updated an advisory for products from Delta Electronics.

Modbus Advisory - This advisory describes a stack-based buffer overflow vulnerability in the Modbus Tools Modbus Slave.

Hitachi Energy - This advisory describes four vulnerabilities in the Hitachi Energy LinkOne WebView  enterprise graphical parts catalog.

NOTE: I briefly reported on these vulnerabilities in December 2021.

Omron Advisory - This advisory describes four vulnerabilities in the Omron CX-Position position control software.

Rockwell Advisory - This advisory describes an improper restriction of XML external entity reference vulnerability in the Rockwell ISaGRAF workbench products.

Philips Advisory - This advisory describes a missing authentication for critical function vulnerability in the Philips e-Alert MRI system monitoring platform.

Delta Update - This update provides additional information on an advisory that was originally published on March 22^nd, 2022.

 

For more details on these advisories, including links to researcher advisories and exploits, see my article at CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/5-advisories-and-1-update-published-559 - subscription required.

Public ICS Disclosure – Week of 6-10-17

This week Richard Young described a privilege escalation vulnerability on the APC UPS Daemon. The Seclist – Full Disclosure report notes that Young has attempted a coordinated disclosure, but received an inadequate response from the vendor. He reports that:

“The default installation of APCUPSD allows a local unprivileged user to run arbitrary code with elevated privileges by replacing the service executable apcupsd.exe with a malicious executable, which will run with SYSTEM privileges at startup.”

The APCUPSD web site reports that the program supports Modbus (via both serial and USB connections) making this UPS support program vulnerability potentially a control system security issue.