December 2015

24 Dec 2015

[ICS] XZERES 442SR Wind Turbine XSS Vulnerability

[ICS] XZERES 442SR Wind Turbine Cross-site Scripting Vulnerability

AFFECTED PRODUCTS
XZERES is a US-based energy company that maintains offices in several countries around the world, including the UK, Italy, Japan, Vietnam, Philippines, and Myanmar.

The affected product, 442SR Wind Turbine, has a web-based interface system. According to XZERES, the 442SR is deployed across the Energy sector. XZERES estimates that this product is used worldwide.

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-15-342-01

CVE-ID
CVE-2016-2287

IMPACT
Successful exploitation of this vulnerability could allow the injection of malicious script. This exploit can cause a loss of power for all attached systems.

Read on

24 Dec 2015

[ICS] eWON sa Industrial router – Multiple Vulnerabilities

Reported multiple vulnerabilities in eWON sa Industrial router. Response from eWON was not so surprisingly full of ignorance.

AFFECTED PRODUCTS
The following eWON router firmware versions are affected:
All eWON firmware versions prior to 10.1s0
 
ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-15-342-01
 
CVE-IDs
CVE-2015-7924
CVE-2015-7925
CVE-2015-7926
CVE-2015-7927
CVE-2015-7928
CVE-2015-7929

Read on.

21 Dec 2015

LG-Nortel ADSL modem Multiple Vulnerabilities

A while back, in April - May 2015, on a pentest in Sydney, I was testing an LG-Nortel ADSL modem for a customer. This device model is heavily deployed by Optus in Australia (Sydney) for its SOHO broadband customers. I found several security flaws on the device, which I then reported to the appropriate teams.

(Potential) Estimated deployment size is 20-30% of customer base. Optus, CERT-US, and CERT-AU are aware of these issues.

Ownership of this model by LG Nortel could not be identified. <--- The issues are not fixed.

This device may very well be used by other Service Providers and / or in other locations. I am not sure if & how this device might connect back to the Optus network. If it does connect / talk back, it'd be interesting to see what impact it can create.

Read on for details & poc.
