CISA Releases Six Advisories for Industrial Control Systems



The Cybersecurity and Infrastructure Security Agency (CISA) has issued six advisories regarding vulnerabilities in:

  • Rockwell Automation’s RSLogix 5 and RSLogix 500 software,
  • IDEC PLCs,
  • IDEC CORPORATION WindLDR and WindO/I-NV4,
  • MegaSys Computer Technologies Telenium Online Web Application,
  • Kastle Systems Access Control System,
  • Treck TCP/IP (Update I).

These advisories highlight critical industrial control system vulnerabilities.

Rockwell Automation’s RSLogix 5 and RSLogix 500 software

Rockwell Automation’s RSLogix 5 and RSLogix 500 software are vulnerable due to insufficient verification of data authenticity, identified as CVE-2024-7847.


This vulnerability has a CVSS v4 score of 8.8, indicating high severity. It is exploitable locally with high attack complexity.

The flaw allows an attacker to embed a malicious VBA script within a project file, which could execute without user intervention when the file is opened.

This could enable remote code execution, posing significant risks. All versions of RSLogix 500, RSLogix Micro Developer and Starter, and RSLogix 5 are affected, requiring urgent attention to mitigate potential exploitation.

IDEC PLCs

IDEC Corporation’s PLCs are affected by vulnerabilities involving the cleartext transmission of sensitive information and the generation of predictable identifiers.

With a CVSS v3 score of 5.3, these issues present moderate risk and low attack complexity. Exploitation could lead to unauthorized access to user authentication data or communication disruptions.

Affected products include the FC6A and FC6B Series MICROSmart All-in-One and CPU modules (versions 2.60 and prior) and the FT1A Series SmartAXIS Pro/Lite (versions 2.41 and prior).

CVE-2024-41927 covers the cleartext transmission vulnerability, while CVE-2024-28957 pertains to predictable identifiers, highlighting the need for prompt mitigation measures.

IDEC CORPORATION WindLDR and WindO/I-NV4

IDEC Corporation’s WindLDR and WindO/I-NV4 software are vulnerable due to cleartext storage of sensitive information, identified as CVE-2024-41716.

This vulnerability has a CVSS v3 score of 5.9, indicating a moderate risk level. It is exploitable remotely, and successful exploitation could allow attackers to obtain sensitive user authentication information.

Affected versions include WindLDR version 9.1.0 and prior and WindO/I-NV4 version 3.0.1 and prior.

The vulnerability, categorized under CWE-312, highlights the importance of addressing cleartext storage issues to protect sensitive data from unauthorized access and potential exploitation by threat actors.


MegaSys Computer Technologies Telenium Online Web Application

MegaSys Computer Technologies’ Telenium Online Web Application is affected by a critical vulnerability due to improper input validation, identified as CVE-2024-6404.

With a CVSS v4 score of 9.3, this issue is highly severe and exploitable remotely with low attack complexity.

The vulnerability allows attackers to inject arbitrary Perl code through crafted HTTP requests, potentially leading to remote code execution on the server.

Versions 8.3 and earlier of the Telenium Online Web Application are affected. This flaw, categorized under CWE-20, underscores the need for robust input validation to prevent unauthorized code execution and protect server integrity.

Kastle Systems Access Control System

Kastle Systems’ Access Control System is vulnerable due to hard-coded credentials and cleartext storage of sensitive information, identified as CVE-2024-45861 and CVE-2024-45862.

With a CVSS v4 score of 9.2, these vulnerabilities are highly severe, exploitable remotely, and low in attack complexity.

Firmware versions before May 1, 2024, are affected. Hard-coded credentials (CWE-798) could allow unauthorized access to sensitive information, while cleartext storage (CWE-312) further exposes data to potential attackers.

These issues highlight the critical need for secure credential management and data protection practices in access control systems.

Treck TCP/IP (Update I)

The Ripple20 vulnerabilities are a series of critical security flaws discovered in the Treck TCP/IP stack, which is widely used across various devices and industries.

These vulnerabilities can allow remote code execution, data breaches, and other severe impacts.

Below is a detailed look at each vulnerability, categorized by Common Vulnerabilities and Exposures (CVE) identifier.

CVE-2020-11896: Improper Handling of Length Parameter Inconsistency (CWE-130)

This vulnerability affects the IPv4/UDP component, where improper handling of length parameters can lead to remote code execution. It has a CVSS v3 score of 10.0, indicating critical severity.

CVE-2020-11897: Improper Handling of Length Parameter Inconsistency (CWE-130)

Similar to CVE-2020-11896, this flaw affects the IPv6 component, potentially causing out-of-bounds writes. It also has a CVSS v3 score of 10.0.

CVE-2020-11898: Improper Handling of Length Parameter Inconsistency (CWE-130)

This affects the IPv4/ICMPv4 component and can result in out-of-bounds reads. The CVSS v3 score is 9.1.
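
The three CWE-130 entries above belong to one class: a length field in a header disagrees with the bytes that actually arrived. The following is an added example, not Treck's code and not taken from the advisory, of the consistency checks a receive path or traffic monitor can apply to an IPv4/UDP datagram before trusting any length field; all function, enum and variable names are hypothetical and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes; all names in this example are hypothetical. */
enum len_check { LEN_OK, LEN_TRUNCATED, LEN_BAD_IHL, LEN_IP_MISMATCH, LEN_UDP_MISMATCH };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Check every length field of an IPv4/UDP datagram against the number of
 * bytes actually received (cap_len) before any of them is trusted. */
enum len_check check_ipv4_udp_lengths(const uint8_t *pkt, size_t cap_len)
{
    if (pkt == NULL || cap_len < 20)
        return LEN_TRUNCATED;                 /* no room for a minimal header */

    size_t ihl = (size_t)(pkt[0] & 0x0F) * 4;
    if ((pkt[0] >> 4) != 4 || ihl < 20 || ihl > cap_len)
        return LEN_BAD_IHL;                   /* header would run past the buffer */

    size_t total = rd16(pkt + 2);
    if (total < ihl || total > cap_len)
        return LEN_IP_MISMATCH;               /* shorter than header or more than received */

    /* Only an unfragmented UDP datagram carries a complete UDP header. */
    if (pkt[9] != 17 || (rd16(pkt + 6) & 0x3FFF) != 0)
        return LEN_OK;

    size_t ip_payload = total - ihl;
    if (ip_payload < 8)
        return LEN_UDP_MISMATCH;              /* UDP header itself does not fit */
    size_t udp_len = rd16(pkt + ihl + 4);
    if (udp_len < 8 || udp_len > ip_payload)
        return LEN_UDP_MISMATCH;              /* UDP length exceeds the IP payload */
    return LEN_OK;
}

/* Constructed sample: 20-byte IPv4 header, 8-byte UDP header, 4 data bytes. */
const uint8_t SAMPLE_OK[32] = {
    0x45, 0x00, 0x00, 0x20, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00,
    0xC0, 0x00, 0x02, 0x01, 0xC0, 0x00, 0x02, 0x02,
    0x30, 0x39, 0x00, 0x35, 0x00, 0x0C, 0x00, 0x00, 'a', 'b', 'c', 'd'
};

int main(void)
{
    printf("sample: %d\n", check_ipv4_udp_lengths(SAMPLE_OK, sizeof SAMPLE_OK));
    return 0;
}
```
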

CVE-2020-11899: Improper Input Validation (CWE-20)

Found in the IPv6 component, this vulnerability allows out-of-bounds reads and possible denial-of-service attacks. Its CVSS v3 score is 5.4.

CVE-2020-11900: Double Free (CWE-415)

This issue in the IPv4 tunneling component can lead to use-after-free conditions. It has a CVSS v3 score of 8.2.

CVE-2020-11901: Improper Input Validation (CWE-20)

This flaw affects the DNS resolver component, enabling remote code execution, with a CVSS v3 score of 9.0.

CVE-2020-11902: Improper Input Validation (CWE-20)

This vulnerability in IPv6 over IPv4 tunneling allows out-of-bounds reads, with a CVSS v3 score of 7.3.

CVE-2020-11903: Out-of-Bounds Read (CWE-125)

Found in the DHCP component, it may expose sensitive information. The CVSS v3 score is 5.3.

Remaining Vulnerabilities

The remaining vulnerabilities include issues such as integer overflow (CVE-2020-11904), improper null termination (CVE-2020-11908), and improper access control (CVE-2020-11911), among others. Each presents a varying degree of risk, with CVSS scores ranging from 3.1 to 5.6.

To mitigate these vulnerabilities, organizations must update their systems with the patches provided, implement network segmentation, and monitor network traffic for unusual activity.
