CISA Warns for Vulnerabilities in Industrial Control Systems (ICS)

Home/Compromised, Internet Security, malicious cyber actors, Security Advisory, Security Update, vulnerability/CISA Warns for Vulnerabilities in Industrial Control Systems (ICS)

CISA Warns for Vulnerabilities in Industrial Control Systems (ICS)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens.

The advisories mention various vulnerability types, and the CVSS scores range from 5.9 to 10.0. 

Affected Products 

GE Digital: 

  • Proficy Historian v7.0 and higher versions

Siemens: 

  • SINEC INS: versions prior to V1.0 SP2 Update 1 

Contec: 

  • CONPROSYS HMI System (CHS): Ver.3.4.4 and prior 
  • CONPROSYS HMI System (CHS): Ver.3.4.5 and prior 

Mitsubishi: 

  • MELSEC iQ-F Series with serial number 17X**** or later:
  • MELSEC iQ-F Series with serial number 179**** and prior:
  • FX5U-xMy/z x=32,64,80, y=T,R, z=ES,DS,ESS,DSS: Versions 1.074 and prior
  • MELSEC iQ-F Series FX5UC-32MT/DS-TS, FX5UC-32MT/DSS-TS, FX5UC-32MR/DS-TS: Versions 1.280 and prior

CVE-2022-46732 (CVSS score: 9.8): It is an authentication bypass vulnerability that makes use of a different path or channel. 

CVE-2022-45092 (CVSS score: 9.9): It is a path traversal vulnerability found in Siemens SINEC INS that may allow remote code execution. The affected product’s web-based management (443/TCP) could allow an authenticated remote attacker to read and write arbitrary files to and from the device’s file system. 

CVE-2022-2068 (CVSS score: 9.8): It is an OS command injection flaw found in Siemens SINEC INS that could lead to remote code execution

CVE-2022-35256 (CVSS score: 9.8): It is an authentication bypass flaw in the llhttp parser that threat actors could use in remote code execution. The header fields not terminated with CLRF are not handled correctly by the llhttp parser in the http module of Node.js v18.7.0. HRS might result from this. 

CVE-2022-2274 (CVSS score: 9.8): It is an out-of-bounds write vulnerability in the OpenSSL library that could be used for remote code execution. 

Recommendations:

CISA strongly advises all administrators and users to visit the advisories and implement appropriate security measures. If vendor fixes and mitigations are currently available, they are included in the advisories. 

Post Views: 243
By | 2023-01-19T22:33:08+05:30 January 19th, 2023|Compromised, Internet Security, malicious cyber actors, Security Advisory, Security Update, vulnerability|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!