Tag: ICS

security advisory

[ICS] Digital Canal Structural Wind Analysis Stack Buffer Overflow

ICS-CERT published an advisory on one of my reports this week –
https://ics-cert.us-cert.gov/advisories/ICSA-17-157-02

Vendor: Digital Canal Structural
Equipment: Wind Analysis
Vulnerability: Stack-Based Buffer Overflow

AFFECTED PRODUCTS
The following versions of Wind Analysis, a structural engineering software platform, are affected:
Wind Analysis versions 9.1 and prior.

IMPACT
Successful exploitation of this vulnerability could cause the device that the attacker is accessing to become unavailable, resulting in a denial of service.

Read on for details.

security advisory

[ICS] Trihedral VTScada Multiple Vulnerabilities

ICS-CERT published an advisory on one of my reports this week –
https://ics-cert.us-cert.gov/advisories/ICSA-17-164-01

Vendor: Trihedral
Equipment: VTScada
Vulnerability: Resource Consumption, Cross-Site Scripting, Information Exposure

AFFECTED PRODUCTS

The following versions of VTScada, an HMI SCADA software, are affected:
VTScada Versions prior to 11.2.26

Read on for details.

security advisory

[ICS] Schneider Electric Wonderware InduSoft Web Studio Privilege Escalation

Schneider Electric Wonderware InduSoft Web Studio – Privilege Escalation

Vendor: Schneider Electric
Equipment: Wonderware InduSoft Web Studio
Vulnerability: Incorrect Default Permissions

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-138-02

Read on for details.

security advisory

[ICS] BLF-Tech LLC VisualView HMI Software – Insecure Library Loading Allows Code Execution

ICS-CERT published an advisory on one of my reports last month –
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-01

BLF-Tech LLC VisualView HMI Insecure Library Loading Allows Code Execution

Vendor: BLF-Tech LLC
Equipment: VisualView HMI Software
Vulnerability: Uncontrolled Search Path Element

security advisory

[ICS] Schneider Electric Interactive Graphical SCADA System Software – Insecure Library Loading Allows Code Execution

ICS-CERT published an advisory on one of my reports last month –
https://ics-cert.us-cert.gov/advisories/ICSA-17-094-01

Schneider Electric Interactive Graphical SCADA System Software – Insecure Library Loading Allows Code Execution

Vendor: Schneider Electric
Equipment: Interactive Graphical SCADA System Software [IGSS]
Vulnerability: Uncontrolled Search Path Element

Read on for details.

security advisory

[ICS] Sierra Wireless Raven XE & XT ICS-CERT advisory published

Back in 2016, I released a report on multiple vulnerabilities in Sierra Wireless Raven XE & XT appliances:
https://ipositivesecurity.com/2016/06/25/ics-sierra-wireless-airlink-raven-xe-industrial-3g-gateway-multiple-vulnerabilities/

In response to it, ICS-CERT had posted an alert here:
https://ipositivesecurity.com/2016/07/01/ics-ics-alert-16-182-01-published-sierra-wireless-raven-xe-xt-vulnerabilities/

After almost a year, Sierra Wireless has resolved this report now, and a formal ICS-CERT advisory has been published:
https://ics-cert.us-cert.gov/advisories/ICSA-17-115-02

CVE-IDs
CVE-2017-6042
CVE-2017-6044
CVE-2017-6046

Read on for more details.

security advisory

[ICS] Satel SenNet ICS-CERT advisory released

Recently, I had posted about multiple security vulnerabilities in SenNet Data Logger appliances and Electricity Meters – https://ipositivesecurity.com/2017/04/07/sennet-data-logger-appliances-and-electricity-meters-multiple-vulnerabilties/

ICS-CERT finally released the advisory on May 11, 2017:
https://ics-cert.us-cert.gov/advisories/ICSA-17-131-02

Read on for more details.

security advisory

[ICS] Cambium SNMP Security Vulnerabilities

Cambium SNMP Security Vulnerabilities

AFFECTED PRODUCTS

Cambium ePMP 1000
Cambium ePMP 2000
Cambium PMP XXX
Cambium ForceXXX models
Potentially all other models

IMPACT

These vulnerabilities may allow an attacker to access device configuration as well as make unauthorized changes to the device configuration.

Read on for the details.

security advisory

[ICS] SenNet Data Logger appliances and Electricity Meters Multiple Vulnerabilities

VULNERABILITY DETAILS

1. No access control on the remote shell
2. Shell services running with excessive privileges (superuser)
3. OS Command Injection
4. Insecure Transport

Read on for details and PoC.

security advisory

[ICS] BINOM3 Electric Power Quality Meters – Multiple Vulnerabilities

Hacking Binom3 Electric Power Quality Meters

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A

CVE-IDs
CVE-2017-5164
CVE-2017-5162
CVE-2017-5165
CVE-2017-5166
CVE-2017-5167

Read on.