You are here

Home » Cybersecurity

Cybersecurity

Siemens TIA Administrator (TIA Portal) (ICSA-19-192-03) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an improper access control vulnerability in TIA Administrator (TIA Portal). All versions prior to v1.0 SP1 Upd1 are affected Successful exploitation of this vulnerability could allow an execution of some commands without proper authentication. Siemens recommends users update to v1.0 SP1 Upd1 or later and restrict access to Port 8888/TCP to localhost (default). The NCCIC also advises of a series of measures for mitigating the vulnerability.

Delta Industrial Automation CNCSoft Screen Editor (ICSA-19-192-01)

The NCCIC has published an advisory on heap-based buffer overflow and out-of-bounds read vulnerabilities in Delta Electronics CNCSoft ScreenEditor. Versions 1.00.89 and prior are affected. Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote code execution, or crash the application. Delta Electronics recommends users update to the latest version, Version 1.00.95, and restrict the interaction of the application to trusted files. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.

ICS Policies and Procedures Need More Action

A recent post by world-renowned ICS cybersecurity expert, Ralph Langner describes why governance programs fail and offers practical solutions for this very valuable and tedious risk management program. This post provides complement material to WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities, specifically 9. Develop and Enforce Cybersecurity Policies and Procedures (Governance).

Microsoft Releases July 2019 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office and Microsoft Office Services and Web Apps, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server. Read the update at Microsoft.

Compliance Does Not Mean Secure – Using ICS Threat Intelligence to Go Beyond the Basics

Meeting compliance requirements does provide a basic level of security, but for a comprehensive ICS risk management strategy, it is prudent to apply ICS-specific threat intelligence to go beyond the basics. ICS cybersecurity firm Dragos, Inc. stresses as the number of adversaries and ICS attacks increase, companies will greatly benefit from using real-life scenarios such as the CRASHOVERRIDE and TRISIS incidents to implement better defenses.

Schneider Electric Zelio Soft 2 (ICSA-19-190-03)

The NCCIC has published an advisory on user after free vulnerability in Schneider Electric Zelio Soft 2. Zelio Soft 2 versions 5.2 and prior are affected. Successful exploitation of this vulnerability could allow remote code execution through the opening of a specially crafted project file. Schneider Electric reports that version 5.3 of the affected software mitigates the reported vulnerability. The NCCIC also advises of a series of measures for mitigating this vulnerability.

Rockwell Automation PanelView 5510 (ICSA-19-190-02) – Product Used in the Water and Wastewater Sector

The NCCIC has published an advisory on an improper access control vulnerability in Rockwell Automation PanelView 5510. All versions manufactured before March 13, 2019, that have never been updated to v4.003, v5.002, or later, are affected. Successful exploitation of this vulnerability could allow a remote unauthenticated user to gain root privileges on the device. Rockwell Automation encourages users of the affected products to update to an available revision that addresses the vulnerability. The NCCIC also advises of a series of measures for mitigating this vulnerability.

Emerson DeltaV Distributed Control System (ICSA-19-190-01) – Product Used in the Energy Sector

The NCCIC has published an advisory on a use of hard-coded credentials vulnerability in Emerson DeltaV Distributed Control System. Versions 11.3.x and 12.3.x are affected. Successful exploitation of this vulnerability could allow an attacker to gain administrative access to DeltaV Smart Switches. Emerson recommends users patch affected products. The NCCIC also advises of a series of measures for mitigating this vulnerability. Read the advisory at CISA.

U.S. Cyber Command Issues Alert about Hackers Exploiting Outlook Vulnerability

Last week, U.S. Cyber Command issued an alert via Twitter about threat actors abusing an Outlook vulnerability to plant malware on government networks. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in October 2017. U.S. Cyber Command recommends immediate patching, if not done already.

Pages

Subscribe to Cybersecurity