You are here

Home

Cybersecurity

Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (Update A) (ICS-ALERT-19-225-01)

The NCCIC has updated its alert on proof-of-concept exploit code affecting Mitsubishi Electric Europe B.V. smartRTU (Versions 2.02 and prior) and INEA ME-RTU (Versions 3.0 and prior), remote terminal products. According to a public report on the matter, there are multiple vulnerabilities that could be exploited to gain remote code execution with root privileges. CISA has notified Mitsubishi Electric Europe B.V. of the report and has asked them to confirm the vulnerabilities and identify mitigations.

Siemens SIMATIC TDC CP51M1 (ICSA-19-253-05)

The NCCIC has published an advisory on an improper input validation vulnerability in Siemens SIMATIC TDC CP51M1. All versions prior to 1.1.7 are affected. Successful exploitation of this vulnerability could create a denial-of-service condition within UDP communication. Siemens recommends users update to Version 1.1.7 or later. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Delta Electronics TPEditor (ICSA-19-253-01)

The NCCIC has published an advisory on stack-based buffer overflow, heap-based buffer overflow, and out-of-bounds write vulnerabilities in Delta Electronics TPEditor. Versions 1.94 and prior are affected. Successful exploitation of these vulnerabilities may allow information disclosure, remote code execution, or may crash the application. Delta Electronics recommends affected users update to the latest version of Delta Industrial Automation TPEditor, Version 1.95. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.

OSIsoft PI SQL Client (ICSA-19-253-06) – Product Used in the Energy Sector

The NCCIC has published an advisory on an integer overflow wraparound vulnerability in OSIsoft PI SQL Client. PI SQL Client 2018 (PI SQL Client OLEDB 2018) is affected. Successful exploitation of this vulnerability could allow remote code execution or cause a denial of service, resulting in disclosure, deletion, or modification of information. OSIsoft recommends users upgrade to PI SQL Client 2018 R2 or later to resolve this issue. The NCCIC also recommends a series of measures to mitigate the vulnerability.

Siemens IE-WSN-PA Link WirelessHART Gateway (ICSA-19-253-04) – Products Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on a cross-site scripting vulnerability in Siemens IE/WSN-PA Link WirelessHART Gateway. All versions are affected. Successful exploitation of this vulnerability could allow information disclosure, code execution, or denial-of-service.  Siemens has identified specific workarounds and mitigations that users can apply to reduce the risk. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Siemens SINETPLAN (ICSA-19-253-02) – Product Used in the Water and Wastewater and Energy Sectors

The NCCIC has published an advisory on an improper authorization vulnerability in Siemens Network Planner (SINETPLAN). Version 2.0 is affected. Successful exploitation of this vulnerability could allow information disclosure, code execution, and denial-of-service. Siemens recommends users update TIA Administrator to Version 1.0 SP1 Upd1. The NCCIC also recommends a series of measures to mitigate the vulnerability. Read the advisory at CISA.

Ransomware Protection Strategies

The Cybersecurity and Infrastructure Security Agency (CISA) has posted a page on ransomware protection strategies, in which it notes it has observed an increase in ransomware attacks across the nation. It adds that one of its chief priorities is to help organizations protect themselves from ransomware, and in support of this mandate it encourages its partners to review a series of resources to help prevent, mitigate, and recover from these attacks.

Red Lion Controls Crimson (ICSA-19-248-01)

The NCCIC has published an advisory on use after free, improper restriction of operations within the bounds of a memory buffer, pointer issues, and use of hard-coded cryptographic key vulnerabilities in Red Lion Controls Crimson. Versions 3.0 and prior and versions 3.1 and prior, to release 3112.00, are affected. Red Lion Controls recommends users migrate to Crimson 3.1 release 3112.00 or later where the model choice allows. The NCCIC also recommends a series of measures to mitigate the vulnerabilities.

Pages

Subscribe to Cybersecurity