You are here

Home » Cybersecurity

Cybersecurity

Siemens RUGGEDCOM ROX II (ICSA-19-099-05) – Products Used in the Energy Sector

The NCCIC has published an advisory on double free, out-of-bounds read, and uncontrolled resource consumption vulnerabilities in Siemens RUGGEDCOM ROX II. All versions prior to 2.13.0 are affected. Successful exploitation of these vulnerabilities could result in remote code execution and/or a denial-of-service condition. Siemens has provided firmware update v2.13.0 to fix these vulnerabilities and also recommends users apply specific workarounds and mitigations to reduce risk. The NCCIC has also provided a series of measures for mitigating the vulnerabilities.

Siemens SINEMA Remote Connect (ICSA-19-099-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on incorrect calculation of buffer size, out-of-bounds read, stack-based buffer overflow, and improper handling of insufficient permissions vulnerabilities in Siemens SINEMA Remote Connect. For SINEMA Remote Connect Client, all versions prior to v2.0 HF1 are affected. For SINEMA Remote Connect Server, all versions prior to 2.0 are affected. Successful exploitation of these vulnerabilities could allow an attacker to circumvent the system authorization for certain functionalities, and to execute privileged functions.

Siemens Spectrum Power 4.7 (ICSA-19-099-02) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on a command injection vulnerability in Siemens Spectrum Power 4.7. Spectrum Power 4 with Web Office Portal is affected. Successful exploitation of this vulnerability in versions of Spectrum Power 4 using the user-specific project enhancement (PE) Web Office Portal (WOP) are affected by an OS command injection vulnerability. The vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this vulnerability.

Siemens SIMOCODE pro V EIP (ICSA-19-099-01) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an uncontrolled resource consumption vulnerability in SIMOCODE pro V EIP. All versions prior to 1.0.2 are affected. Successful exploitation of this vulnerability could cause a denial-of-service condition. Siemens recommends users upgrade to Version 1.0.2. Users who cannot upgrade because of hardware restrictions are recommended to apply the manual mitigations. The NCCIC has also provided a series of measures for mitigating the vulnerabilities.

Latest Version of CIS Controls Features New Implementation Groups

The Center for Internet Security (CIS), the home of WaterISAC’s partner MS-ISAC, has announced enhancements to its CIS Controls with the release of version 7.1. This latest version introduces Implementation Groups (IGs) to the CIS Controls. The IGs are a simple and accessible way to help organizations classify themselves and focus their security resources and expertise while leveraging the value of the CIS Controls. The CIS Controls are internationally-recognized cybersecurity best practices for defense against common threats; they have been downloaded more than 150,000 times to date.

FEMA Turns 40 Years Old

On the occasion of its 40th anniversary, FEMA has released a podcast taking listeners on a trip through the agency’s timeline, highlighting key historical events, landmark legislation, and the “not so often told story” of how it got where it is today. The podcast includes interviews with FEMA employees, one of whom has been with the agency since its inception, as well as discussions about FEMA’s responses to major disasters, such as Hurricane Andrew in 1992, the Northridge earthquake in 1994, the 9/11 attacks of 2001, and Hurricane Katrina in 2005.

Rockwell Automation Stratix 5950 (ICSA-19-094-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on resource management errors and improper input validation vulnerabilities in Rockwell Automation Stratix 5950. Numerous products are affected. Successful exploitation of this vulnerability could allow a remote attacker to cause an affected device to reload. Rockwell Automation recommends that users not use any IPsec virtual private network (VPN) connections and apply a series of general guidelines. The NCCIC has also provided a series of measures for mitigating the vulnerabilities.

Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700 (ICSA-19-094-03) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on resource management errors and improper input validation vulnerabilities in Rockwell Automation Stratix 5400/5410/5700/8000/8300 and ArmorStratix 5700. Numerous products and versions of those products are affected. Successful exploitation of these vulnerabilities could result in a denial-of-service condition or time synchronization issues across the network via reloading the device, a buffer overflow, or memory exhaustion. Rockwell Automation recommends users upgrade to the latest versions and to apply a series of general guidelines.

Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700 (ICSA-19-094-02) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an uncontrolled resource consumption vulnerability in Rockwell Automation Stratix 5400/5410/5700 and ArmorStratix 5700. Numerous products and versions of those products are affected. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to cause a memory leak on an affected device, which may cause the device to reload. Rockwell Automation recommends users upgrade to FRN 15.2(6)E2a or later and to apply a series of general guidelines.

Omron CX-Programmer (ICSA-19-094-01)

The NCCIC has published an advisory on a use after free vulnerability in Omron CX-Programmer within CX-One. CX-Programmer v9.70 and prior and Common Components January 2019 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of the application. Omron has released an updated version of CX-One to address the vulnerability. The NCCIC has also provided a series of measures for mitigating the vulnerability.

Pages

Subscribe to Cybersecurity