Cybersecurity

The NCCIC has published an advisory about command injection, stack-based buffer overflow, and improper access control vulnerabilities in Advantech WebAccess/SCADA. WebAccess/SCADA Versions 8.3.5 and prior are affected. Successful exploitation of these vulnerabilities may cause a denial of service and allow remote code execution. Advantech has released Version 8.4.0 of WebAccess/SCADA to address the reported vulnerabilities. The NCCIC also advises of a series of measures for mitigating these vulnerabilities.

The Multi-State ISAC (MS-ISAC) has published a Security Primer on the LockerGoga malware. This product provides an overview of the malware, lists indicators of concerns associated with this malware, includes a series of examples of the ransom notes left by the malware, and discusses recommendations for protecting organizations against LockerGoga activity. WaterISAC has been monitoring and reporting on LockerGoga since it was first disclosed that the malware was targeted industrial firms, the first of which appears to have been the Norwegian aluminum produce Norsk Hyrdo.

The NCCIC has published an advisory on a resource exhaustion vulnerability in Rockwell Automation PowerFlex 525 AC Drives. PowerFlex 525 AC Drives with embedded EtherNet/IP and Safety Versions 5.001 and earlier are affected. Successful exploitation of this vulnerability could result in resource exhaustion, denial of service, and/or memory corruption. Rockwell Automation has released new firmware to address the vulnerability. The NCCIC also offers a series of measures to address this vulnerability.

ASUS has released Live Update version 3.6.8. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system. These vulnerabilities were detected in exploits in the wild. The NCCIC encourages users and administrators to review the ASUS article for more information. The article includes a security diagnostic tool that users can run on their device to determine whether it is affected.