Public ICS Disclosures – Week of 11-14-20

This week we have six vendor disclosures from Beckhoff, ENDRESS+HAUSER
(2), GE Grid (2), and Medtronic. We have one Ripple20 advisory update
for products from Eaton. We also have a researcher report on vulnerabilities in
products from Schneider. Finally, we have reports of exploits for products from
Rockwell and the Netlogon vulnerability
in Microsoft products.

Beckhoff Advisory

CERT-VDE published an advisory
describing an incorrect default permissions vulnerability in the Beckhoff TwinCAT
XAR product. The vulnerability was reported by Ayushman Dutta. Beckhoff has
provided installation instructions to mitigate the vulnerability. There is no
indication that Dutta has been provided an opportunity to verify the efficacy
of the fix.

ENDRESS+HAUSER Advisories

CERT-VDE published an advisory
describing an exposure of sensitive information to an unauthorized actor vulnerability
in the ENDRESS+HAUSER Ecograph T products. The vulnerability was reported by
Maxim Rupp. ENDRESS+HAUSER has provided generic workarounds to mitigate the vulnerability.

CERT-VDE published an advisory
describing an improper privilege management vulnerability in the ENDRESS+HAUSER
Ecograph T products. The vulnerability was reported by Maxim Rupp. ENDRESS+HAUSER
has provided generic workarounds to mitigate the vulnerability.

GE Advisories

GE published an
advisory
for their Reason RT430/RT434. The advisory is only available to
registered customers.

GE published an
advisory
for their Reason RT431. The advisory is only available to
registered customers.

Medtronic Advisory

Medtronic published an
advisory
discussing the TiYunZong
vulnerabilities found in the CT900 Samsung Android tablets used to run their
Clinical Programmer Applications. A Chrome browser update is available to
mitigate the vulnerabilities.

NOTE: I wonder what other vendors using Android products for
access devices could be susceptible to these vulnerabilities?

Eaton Update

Eaton published an
update
for their Ripple20 advisory that was originally
published
 on June 23rd, 2020 and most
recently updated
on October 5th, 2020. The new information
includes adding the Uninterrupted Power Supply (UPSs) with ModbusMS card to the
list of affected products.

Schneider Report

Trustwave published a
report
describing their research into vulnerabilities in the Schneider EcoStruxure
Machine Expert and M221 PLC. The vulnerabilities were
reported
by Schneider on October 10th, 2020. The report includes
proof-of-concept code.

Rockwell Exploit

The Flashback team published
a Metasploit module
for vulnerabilities in the Rockwell FactoryTalk View SE
SCADA product. These vulnerabilities were
reported
by CISA NCCIC-ICS on June 18th, 2020.

Netlogon Exploit

West Shepherd published a proof-of-concept
exploit
for the Netlogon vulnerabilities reported by Microsoft.

NOTE: I have not seen this vulnerability reported in control
system products, but it has been reported by medical device manufacturers (see for
example BD
).

By admin