You are here

Home » Cybersecurity

Cybersecurity

Schneider Electric Interactive Graphical SCADA System (ICSA-19-192-06) – Product Used in the Energy Sector

The NCCIC has published an advisory on an out-of-bounds write vulnerability in Schneider Electric Interactive Graphical SCADA System. IGSS Version 14 and prior are affected. Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution or crash the software. Schneider Electric recommends upgrading to Version 13.0.0.19140 or 14.0.0.19120. The NCCIC also advises of a series of measures for mitigating the vulnerabilities. Read the advisory at CISA.

AVEVA Vijeo Citect and Citect SCADA Floating License Manager (ICSA-19-192-05) – Product Used in the Energy Sector

The NCCIC has published an advisory on improper input validation and memory corruption vulnerabilities in Vijeo Citect and Citect SCADA Floating License Manager. Floating License Manager version 2.3.0.0 and earlier are affected. These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product. AVEVA recommends impacted users upgrade to Floating License Manager (FLM) Version 2.3.1.0 as soon as possible. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.

Siemens SIMATIC RF6XXR (ICSA-19-192-04)

The NCCIC has published an advisory on improper input validation and cryptographic issues vulnerabilities in Siemens SIMATIC RF6XXR. All versions prior to 3.2.1 of RF615R and RF68XR are affected Successful exploitation of these vulnerabilities could allow access to sensitive information. Siemens recommends users upgrade to Version 3.2.1 or newer for both affected products and restrict network access to the device. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.

Siemens TIA Administrator (TIA Portal) (ICSA-19-192-03) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an improper access control vulnerability in TIA Administrator (TIA Portal). All versions prior to v1.0 SP1 Upd1 are affected Successful exploitation of this vulnerability could allow an execution of some commands without proper authentication. Siemens recommends users update to v1.0 SP1 Upd1 or later and restrict access to Port 8888/TCP to localhost (default). The NCCIC also advises of a series of measures for mitigating the vulnerability.

Delta Industrial Automation CNCSoft Screen Editor (ICSA-19-192-01)

The NCCIC has published an advisory on heap-based buffer overflow and out-of-bounds read vulnerabilities in Delta Electronics CNCSoft ScreenEditor. Versions 1.00.89 and prior are affected. Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote code execution, or crash the application. Delta Electronics recommends users update to the latest version, Version 1.00.95, and restrict the interaction of the application to trusted files. The NCCIC also advises of a series of measures for mitigating the vulnerabilities.

ICS Policies and Procedures Need More Action

A recent post by world-renowned ICS cybersecurity expert, Ralph Langner describes why governance programs fail and offers practical solutions for this very valuable and tedious risk management program. This post provides complement material to WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities, specifically 9. Develop and Enforce Cybersecurity Policies and Procedures (Governance).

Microsoft Releases July 2019 Security Updates

Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Microsoft Windows, Internet Explorer, Microsoft Edge, Microsoft Office and Microsoft Office Services and Web Apps, Azure DevOps, Open Source Software, .NET Framework, Azure, SQL Server, ASP.NET, Visual Studio, and Microsoft Exchange Server. Read the update at Microsoft.

Compliance Does Not Mean Secure – Using ICS Threat Intelligence to Go Beyond the Basics

Meeting compliance requirements does provide a basic level of security, but for a comprehensive ICS risk management strategy, it is prudent to apply ICS-specific threat intelligence to go beyond the basics. ICS cybersecurity firm Dragos, Inc. stresses as the number of adversaries and ICS attacks increase, companies will greatly benefit from using real-life scenarios such as the CRASHOVERRIDE and TRISIS incidents to implement better defenses.

Schneider Electric Zelio Soft 2 (ICSA-19-190-03)

The NCCIC has published an advisory on user after free vulnerability in Schneider Electric Zelio Soft 2. Zelio Soft 2 versions 5.2 and prior are affected. Successful exploitation of this vulnerability could allow remote code execution through the opening of a specially crafted project file. Schneider Electric reports that version 5.3 of the affected software mitigates the reported vulnerability. The NCCIC also advises of a series of measures for mitigating this vulnerability.

Rockwell Automation PanelView 5510 (ICSA-19-190-02) – Product Used in the Water and Wastewater Sector

The NCCIC has published an advisory on an improper access control vulnerability in Rockwell Automation PanelView 5510. All versions manufactured before March 13, 2019, that have never been updated to v4.003, v5.002, or later, are affected. Successful exploitation of this vulnerability could allow a remote unauthenticated user to gain root privileges on the device. Rockwell Automation encourages users of the affected products to update to an available revision that addresses the vulnerability. The NCCIC also advises of a series of measures for mitigating this vulnerability.

Pages

Subscribe to Cybersecurity