Today the CISA NCCIC-ICS published four control system
security advisories for products from ProSoft Technology, Rockwell Automation,
Fatek, and PerFact.

ProSoft Advisory

This advisory
describes a permissions, privileges, and access controls vulnerability in the
ProSoft industrial cellular gateways. The vulnerability was reported by Maxim
Rupp. ProSoft has a new firmware version that mitigates the vulnerability.
There is no indication that Maxim has been provided an opportunity to verify
the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to change the
current user’s password and alter device configurations.

Note: Interesting Twitversation
about this advisory today.

Rockwell Advisory

This advisory
describes an insufficiently protected credentials vulnerability in the Rockwell
Studio 5000 Logix Designer, RSLogix 5000, and Logix Controllers. The
vulnerability was independently reported by Lab. of Information Systems
Security Assurance, Kaspersky, and Claroty. Rockwell describes compensating
controls to mitigate the vulnerability. There is no indication that the
researchers were provided an opportunity to verify the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to allow a remote unauthenticated
attacker to bypass the verification mechanism and connect with Logix
controllers. Additionally, this vulnerability could enable an unauthorized
third-party tool to alter the controller’s configuration and/or application
code.

Fatek Advisory

This advisory
describes five vulnerabilities in the Fatek FvDesigner software tool. The
vulnerabilities were reported by Francis Provencher and rgod via the Zero Day
Initiative. Fatek is working on mitigation measures.

The five reported vulnerabilities are:

• Use after free – CVE-2021-22662,

• Access of uninitialized pointer – CVE-2021-22670,

• Stack-based buffer overflow – CVE-2021-22666,

• Out-of-bounds write – CVE-2021-22683, and

• Out-of-bounds read – CVE-2021-22638

NCCIC-ICS reports that a relatively low-skilled attacker with
uncharacterized access could exploit the vulnerabilities to
read/modify information, execute arbitrary code, and/or crash the application.

PerFact Advisory

This advisory
describes an external control of system or configuration setting vulnerability
in the PerFact OpenVPN-Client. The vulnerability was reported by Sharon
Brizinov of Claroty. PerFact has a new version that mitigates the vulnerability.
There is no indication that Sharon has been provided an opportunity to verify
the efficacy of the fix.

NCCIC-ICS reports that a relatively low-skilled attacker
could remotely exploit the vulnerability to allow for local privilege
escalation or remote code execution through a malicious webpage.

Author of this post: PJCoyle