You are here

Home » Cybersecurity

Cybersecurity

Rockwell Automation FactoryTalk Services Platform (ICSA-20-170-04) – Product Used in the Water and Wastewater Sector

CISA has published an advisory on an improper input validation vulnerability Rockwell Automation FactoryTalk Services Platform. All versions of FactoryTalk Services Platform are affected. Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute remote COM objects with elevated privileges. Affected users are encouraged to use Rockwell Automation Knowledgebase article 25612 to determine if FactoryTalk Services Platform is installed.

Rockwell Automation FactoryTalk View SE (ICSA-20-170-05) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on improper input validation, improper restriction of operations within the bounds of a memory buffer, permissions, privileges, and access controls, and exposure of sensitive information to an unauthorized actor vulnerabilities in Rockwell Automation FactoryTalk Services Platform. All versions of FactoryTalk View SE are affected. Successful exploitation of these vulnerabilities may allow a remote authenticated attacker to manipulate data of affected devices.

Ripple20 Vulnerabilities Affecting Treck IP Stacks

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) reports it is aware of multiple vulnerabilities, known as Ripple20, affecting Treck IP stack implementations for embedded systems. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following products for additional information and mitigations, and update to the latest stable version of Treck IP stack software (6.0.1.67 or later).

Vulnerability Awareness – Recent SMB Vulnerabilities

Last Tuesday, Microsoft patched multiple vulnerabilities in SMB (Server Message Block), the protocol used to facilitate the sharing of files, printers and serial ports between computers; two in SMB v3, and one in SMB v1. The vulnerabilities have been given catchy names, SMBleed and SMBLost, respectively. Cybersecurity firm Tenable has posted a technical summary on the concerns of each. Regarding SMBleed (CVE-2020-1206), the biggest concern is related to a prior patch for “SMBGhost” (CVE-2020-0796) in March for the same feature of SMB v3. SMBleed is an information disclosure vulnerability.

OSIsoft PI Web API 2019 (ICSA-20-163-01) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a cross-site scripting vulnerability in OSIsoft PI Web API 2019. PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions are affected. Successful exploitation of this vulnerability could allow a remote authenticated attacker with write access to a PI Server to trick a user into interacting with a PI Web API endpoint that executes arbitrary JavaScript in the user’s browser, resulting in view, modification, or deletion of data as allowed for by the victim’s user permissions.

FBI IC3 Releases Alert on Mobile Banking Apps

The FBI’s Internet Crime Complaint Center (IC3) has released an alert warning consumers of cyber risks associated with mobile banking apps. As more consumers rely on mobile apps for banking, malicious cyber actors are likely to increasingly target them with app-based banking Trojans and fake banking apps. The alert discusses the kinds of malicious that have been observed and that are likely to occur and offers tips for individuals to protect themselves and their organizations. Additionally, with the release of this advisory the U.S.

Siemens SINUMERIK (ICSA-20-161-06) – Products Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on buffer underflow, heap-based buffer overflow, improper initialization, out-of-bounds read, stack-based buffer overflow, access of memory location after end of buffer, off-by-one error, improper null termination, and improper initialization vulnerabilities in Siemens SINUMERIK products. The vulnerabilities affect numerous versions of SINUMERIK products. Successful exploitation of these vulnerabilities could allow remote code execution, information disclosure, and denial-of-service attacks under certain conditions.

Siemens LOGO! (ICSA-20-161-03) – Product Used in the Water and Wastewater and Energy Sectors

CISA has published an advisory on a missing authentication for critical function vulnerability in Siemens LOGO! All versions of LOGO!8 BM (including SIPLUS variants) are affected. Successful exploitation of this vulnerability could allow an attacker to read and modify device configurations and obtain project files from affected devices. Siemens recommends applying defense-in-depth concepts, including the protection concept outlined in the system manual. CISA also recommends a series of measures to mitigate the vulnerability.

Pages

Subscribe to Cybersecurity