The Cybersecurity and Infrastructure Security Agency (CISA) has released nine new Industrial Control Systems (ICS) advisories that the agency says will “provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.”
The Jan. 11 advisories warn stakeholders that utilize ICS products from various companies, such as Siemens, to quickly patch their devices and avoid becoming targets of hackers.
Six of the nine advisories are focused on Siemens vulnerabilities – which include the Siemens Teamcenter Visualization and JT2Go advisory – that allow “an attacker to execute code in the context of the software’s current process or crash the application causing a denial of service,” and the Siemens Spectrum Power 7 advisory, which can potentially allow an authenticated local attacker to inject arbitrary code and gain root access.
Other advisories include Siemens SICAM A8000, which could allow an authenticated remote attacker to inject commands executed on the device with root privileges during device startup. The advisories also cover Siemens SIMATIC CN 4100 vulnerability, which can possibly allow a denial-of-service attack by allowing a remote login attack.
Additionally, the report outlines the following advisories:
- Siemens SIMATIC, which could allow an attacker to gain remote unauthorized access;
- Siemens Solid Edge vulnerabilities that could allow an attacker to use specially crafted PAR files to execute code in the context of the current process;
- Rapid Software LLC Rapid SCADA, that could result in an attacker reading sensitive files from the Rapid Scada server;
- Horner Automation Cscape, that could allow an attacker to execute arbitrary code;
- Schneider Electric Easergy Studio, that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object;
“CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations,” stated the agency.
