Source: us-cert

Siemens SIMATIC WinCC (Update E)

This updated advisory is a follow-up to the advisory update titled ICSA-21-315-03 Siemens SIMATIC WinCC (Update D) that was published April 14, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Path Traversal and Insertion of Sensitive Information into Log File vulnerabilities in Siemens SIMATIC WinCC, a SCADA HMI system.

Dahua ASI7213X-T1

This advisory contains mitigations for Improper Input Validation, Unrestricted Upload of File with Dangerous Type, Authentication Bypass by Capture-replay, and Generation of Error Message Containing Sensitive Information vulnerabilities in the Dahua ASI7213X-T1 facial recognition access controller.

Schneider Electric Easergy P5 and P3 (Update A)

This updated advisory is a follow-up to the original advisory titled ICSA-22-055-03 Schneider Electric Easergy P5 and P3 that was published February 24, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Use of Hard-coded Credentials, Classic Buffer Overflow, and Improper Input Validation vulnerabilities in Schneider Electric Easergy P5 and P3 medium voltage protection relays.

Rockwell Automation MicroLogix

This advisory contains mitigations for an Improper Restriction of Rendered UI Layers or Frames vulnerability in the Rockwell Automation MicroLogix controllers.

Bently Nevada ADAPT 3701/4X Series and 60M100

1. EXECUTIVE SUMMARY

CVSS v3 9.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Bently Nevada
Equipment: 3701/4X series and 60M100 (3701/60) Condition Monitoring System
Vulnerabilities: Use of Hard-coded Credentials, Missing Authentication for Critical Function

CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found in multiple operational technology (OT) vendors. CISA is issuing this advisory to provide notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow file manipulation, remote code execution, or cause a denial-of-service condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following versions of Bently Nevada 3700 machinery monitors are affected:

Bently Nevada 3701/40: All versions prior to 4.1
Bently Nevada 3701/44: All versions prior to 4.1
Bently Nevada 3701/46: All ...

Mitsubishi Electric MELSEC iQ-R Series C Controller Module (Update B)

This updated advisory is a follow-up to the original advisory titled ICSA-21-280-04 Mitsubishi Electric MELSEC iQ-R Series C Controller Module (Update A) that was published October 28, 2021, to the ICS webpage on us-cert.cisa.gov. This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R Series C controller module products.

Exemys RME1

This advisory contains mitigations for an Improper Authentication vulnerability in the Exemys RME1 analog acquisition module.

Yokogawa Wide Area Communication Router

This advisory contains mitigations for a Use of Insufficiently Random Values vulnerability in the Yokogawa Wide Area Communication Router.

Emerson DeltaV Distributed Control System

This advisory contains mitigations for Missing Authentication for Critical Function, Use of Hard-coded Credentials, Insufficient Verification of Data Authenticity, and Use of a Broken or Risky Cryptographic Algorithm vulnerabilities in the Emerson DeltaV Distributed Control System software management platform.

Distributed Data Systems WebHMI

This advisory contains mitigations for Cross-site Scripting and OS Command Injection vulnerabilities in the Distributed Data Systems WebHMI SCADA system.