Category: security advisory

security advisory

Cambium SNMP Security Vulnerabilities

Cambium SNMP Security Vulnerabilities

AFFECTED PRODUCTS

Cambium ePMP 1000
Cambium ePMP 2000
Cambium PMP XXX
Cambium ForceXXX models
Potentially all other models

IMPACT

These vulnerabilities may can allow an attacker to access device configuration as well as make unauthorized changes to the device configuration.

Read on for the details.

security advisory

SenNet Data Logger appliances and Electricity Meters Multiple Vulnerabilties

VULNERABILITY DETAILS

1. No access control on the remote shell
2. Shell services running with excessive privileges (superuser)
3. OS Command Injection
4. Insecure Transport

Read on for details and poc.

security advisory

[ICS] Sielco Sistemi Winlog SCADA Software – Insecure Library Loading Allows Code Execution

ICS-CERT published an advisory on one of my reports last month –
https://ics-cert.us-cert.gov/advisories/ICSA-17-038-01

Sielco Sistemi Winlog SCADA Software Insecure Library Loading Allows Code Execution

Vendor: Sielco Sistemi
Equipment: Winlog SCADA Software
Vulnerability: Uncontrolled Search Path Element

security advisory

[ICS] LAquis SCADA Path Traversal Vulnerability

ICS-CERT published a new advisory on one of my reports recently –
https://ics-cert.us-cert.gov/advisories/ICSA-17-082-01

LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA Access Control Vulnerability

Vendor: LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME
Equipment: LAquis SCADA
Vulnerability: Path Traversal

security advisory

[ICS] LAquis SCADA Advisory Access Control Vulnerability

ICS-CERT published an advisory on one of my reports recently –
https://ics-cert.us-cert.gov/advisories/ICSA-17-075-01

LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA Access Control Vulnerability

Vendor: LCDS – Leão Consultoria e Desenvolvimento de Sistemas LTDA ME
Equipment: LAquis SCADA
Vulnerability: Improper Access Control

security advisory

PostgreSQL pgAdmin4 – Insecure Library Loading Allows Code Execution

This vulnerability can allow attackers to execute arbitrary code on vulnerable installations of pgAdmin4 software. pgAdmin4 is a GUI application for database server administration, and comes packaged with PostgreSQL package.

User interaction is required to exploit this vulnerability in that the malicious dll file(s) should be saved in any of the DLL search paths.

Confirmed on products
pgAdmin4 v1.1: Current version packaged with PostgreSQL v9.6.1.1 (Windows x86 Current version)

security advisory

[ICS] Carlo Gavazzi VMUC-EM Energy Meter – Multiple Vulnerabilities

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-012-03

CVE-IDs
CVE-2017-5144
CVE-2017-5145
CVE-2017-5146

security advisory

[ICS] BINOM3 Electric Power Quality Meters – Multiple Vulnerabilities

Hacking Binom3 Electric Power Quality Meters

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A

CVE-IDs
CVE-2017-5164
CVE-2017-5162
CVE-2017-5165
CVE-2017-5166
CVE-2017-5167

Read on.

security advisory

[ICS] ELNet Energy meter & Electrical powermeter – multiple vulnerabilities

ELNet Energy meter & Electrical Powermeter vulnerabilities – another case of poor software security practices.

security advisory

[ICS] Multiple vulnerabilities – Powerlogic/Schneider Electric IONXXXX series Smart Meters

Reported multiple security issues in Powerlogic/Schneider Electric IONXXXX series power meters

Reported to ICS-CERT – July 2016
Advisory published – Nov 2016
https://ics-cert.us-cert.gov/advisories/ICSA-16-308-03

CVE-IDs
CVE-2016-5809
CVE-2016-5815

The following IONXXXX series power meter versions are affected:
ION73XX series,
ION75XX series,
ION76XX series,
ION8650 series,
ION8800 series, and
PM5XXX series.

Read on.