Sunday, June 8, 2014

At Positive Hack Days IV (www.phdays.com) we have a lot of fun.
First of all, we released more details about new vulnerabilities in Siemens WinCC OA, S7 1200 and S7 1500 PLC, ABB, SmartGrid and SCADA in the cloud.

Please check out the slides.

Monday, May 26, 2014

Emerson DeltaV Vulnerabilities/Fixes

DeltaV Versions 10.3.1, 11.3, 11.3.1, and 12.3
This can also relate to Emerson AMS Device Management and Emerson AMS Wireless SNAP-ON.

CVE-2014-2349 - World writable system folder
CVE-2014-2350 - Hardcoded credentials

Please find fixes in KBA NK-1400-0031.

Kudos: Kirill Nesterov, Alexander Tlyapov, Dmitry Nagibin, Alexey Osipov and Timur Yunusov

Emerson has assigned a CVSS v2 base score of 2.4; the CVSS vector string is (AV:L/AC:H/Au:S/C:N/I:P/A:P).

Hmmm, 2.4? BTW


Details

Enjoy

Monday, May 5, 2014

Too Smart Grid in da Cloud

Vulnerabilities/fixes in SolarLog Solar Plant Data Logger (http://www.solar-log.net/).


PT-2014-08: Password Access in Solar-Log
PT-2014-07: Sensitive Information Disclosure in Solar-Log
PT-2014-06: Arbitrary File Upload in Solar-Log

Saturday, March 15, 2014

All your PLC are belong to us (2)

Fixes for Siemens S7 1500 PLC are published.
Thanks to Yury Goltsev, Ilya Karpov, Alexey Osipov, Dmitry Serebryannikov and Alex Timorin.
There are a lot of them, but the combination of authentication bypass (insufficient entropy, CVE-2014-2251) and a hardcoded SNMP community string (once again; no CVE, unfixed) is the best.

Links



http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-456423.pdf

http://ics-cert.us-cert.gov/advisories/ICSA-14-073-01

Some good stuff for 1200/TIA portal in queue.

Enjoy...

Wednesday, February 5, 2014

Fixes for SIMATIC WinCC Open Architecture (SSA-342587/ICSA-14-035-01)

Good news! The Large Hadron Collider is safer now! Fixes have been published for several vulnerabilities in SIMATIC WinCC OA, all versions prior to 3.12 P002.

Preauth RCE CVE-2014-1697
Path Traversal CVE-2014-1698
Preauth DoS CVE-2014-1699
Weak password "encryption" CVE-2014-1696

Kudos: Gleb Gritsai, Ilya Karpov, and Kirill Nesterov.


Fixes and info

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-342587.pdf

https://ics-cert.us-cert.gov/advisories/ICSA-14-035-01

Enjoy

PS. It's all about slide 50 there