You are here

Home » Cybersecurity

Cybersecurity

WAGO PFC200 (ICSA-17-341-01)

ICS-CERT has released an alert on an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. The vulnerability is exploitable by sending a TCP payload on the bound port. ICS-CERT has notified WAGO of the report and has asked it to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide notice of the report and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.

Tags: 
ics-cert wago

Xiongmai Technology IP Cameras and DVRs (ICSA-17-341-01)

ICS-CERT has released an alert on a Xionmai Technology IP cameras and DVRs vulnerability. All IP cameras and DVRs using the NetSurveillance Web interface are affected. Successful exploitation of this vulnerability could cause the device to reboot and return to a more vulnerable state in which Telnet is accessible. Xiongmai Technology has not responded to requests to coordinate with NCCIC/ICS-CERT. ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability.

Tags: 
ics-cert

Rockwell Automation FactoryTalk Alarms and Events (ICSA-17-341-02) – Product Used in Water and Wastewater Sectors

ICS-CERT has released an advisory on a Rockwell Automation FactoryTalk Alarms and Events vulnerability. Several versions of the product are affected. Successful exploitation of this vulnerability may allow an attacker to cause a denial of service condition in the history archiver service running on FactoryTalk Alarms and Events. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Alarms and Events, Version 2.90 or later, and applying available patches. ICS-CERT.

Tags: 
ics-alert rockwell

WaterISAC and Perch Security – Bringing Utilities Together to Fight Cybercrime

More and more water and wastewater utilities rely on advanced technology for plant automation and IT/OT convergence, a reality cyber criminals are not ignorant to. As such, commodity threats like ransomware and business email compromise (BEC), and sophisticated threats like Dragonfly are not uncommon occurrences in the water and wastewater sector. Sifting through the volumes of information on these and other potential threats to understand those that actually represent risks would entail a significant investment of time and resources for any organization.

Tags: 
perch

Geovap Reliance SCADA (ICSA-17-334-02) – Product Used in Water and Wastewater and Energy Sectors

ICS-CERT has released an advisory on a Geovap Reliance vulnerability. Reliance SCADA Version 4.7.3 Update 2 and prior versions are affected. Successful exploitation of this vulnerability could allow an unauthenticated attacker to inject arbitrary JavaScript in a specially crafted URL request that may allow for read/write access. To address this vulnerability, Geovap has released Version 4.7.3 Update 3 of the software. Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability.

Tags: 
ics-cert geovap reliance

Siemens SWT3000 (ICSA-17-334-01) – Product Used in Energy Sector

ICS-CERT has released an advisory on a Siemens SWT3000 vulnerability. Multiple versions of this product are affected. Successful exploitation of these vulnerabilities under certain conditions may allow attackers to perform a denial-of-service attack. Siemens has provided updated firmware that fixes the vulnerabilities and recommends users update to the newest version. Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability.

Tags: 
ics-cert siemens

Siemens SCALANCE W1750D, M800, and S615 (ICSA-17-332-01) – Product Used in Water and Wastewater and Energy Sectors

ICS-CERT has released an advisory on a Siemens SCALANCE W1750D, M800, and S615 vulnerability. All versions of these products are affected. Successful exploitation of these vulnerabilities could allow a remote attacker to crash the DNS service or execute arbitrary code by crafting malicious DNS responses. Siemens reports it is preparing updates for the affected products and recommends a series of mitigations. Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability.

Tags: 
ics-cert siemens

PHOENIX CONTACT WLAN Capable Devices Using the WPA2 Protocol (ICSA-17-325-01)

ICS-CERT has released an advisory on a PHOENIX CONTACT WLAN capable devices using the WPA2 Protocol vulnerability. Numerous versions of these devices are affected. Successful exploitation of this vulnerability could allow an attacker to operate as a “man-in-the-middle” between a device and a wireless access point.

Tags: 
ics-cert phoenix contact

Siemens SICAM (ICSA-17-320-02) – Product Used in Energy Sector

ICS-CERT has released an advisory on a Siemens SICAM vulnerability. All versions of SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, DNPi00 are affected. Successful exploitation of these vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code. Siemens provides a series of steps to mitigate this vulnerability, which includes disabling the web server after commissioning. Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability.

Tags: 
ics-cert siemens

Moxa Nport 5110, 5130, and 5150 (ICSA-17-320-01) – Product Used in Energy Sector

ICS-CERT has released an advisory on a Moxa Nport 5110, 5130, and 5150 vulnerability. Numerous versions of these products are affected. Successful exploitation of these vulnerabilities could allow for remote code execution on the device. Moxa has produced new firmware for the affected devices Additionally, ICS-CERT recommends a series of defensive measures to minimize the risk of exploitation of the vulnerability. ICS-CERT.

Tags: 
ics-cert moxa

Pages

Subscribe to Cybersecurity