CISA: Seven New Advisories for Industrial Control Systems

The Cybersecurity and Infrastructure Security Agency (CISA) has issued seven new advisories detailing critical vulnerabilities in commonly used Industrial Control Systems (ICS).

If exploited, these vulnerabilities could enable attackers to breach critical infrastructure, execute arbitrary code, or trigger significant operational disruptions.

The advisories address systems used worldwide across sectors like healthcare, energy, manufacturing, transportation, and water management.

A detailed overview of the reported vulnerabilities and their corresponding CVEs is provided below.

  1. MOBATIME Network Master Clock
    CVE-2024-12286 – The MOBATIME Network Master Clock – DTS 4801, widely used for time synchronization in healthcare and transportation, contains a critical vulnerability stemming from default credentials (CWE-1392).

This flaw allows attackers to remotely access the system via SSH, granting full control over the operating system.

Affected Firmware: Version 00020419.01.02020154.
Severity: With a CVSS v4 score of 9.3, this vulnerability poses a serious threat to the reliability of time-sensitive systems.

  2. Schneider Electric EcoStruxure Foxboro DCS Core Control Services
    CVE-2024-5679 – An out-of-bounds write in the Foxboro.sys driver could lead to local denial of service or a kernel memory leak. Exploitation through malicious scripts may compromise system functionality.

CVE-2024-5680 – Improper array index validation in the Foxboro.sys driver could cause a denial of service condition when exploited via malicious scripts.

CVE-2024-5681 – Improper input validation in the Foxboro.sys driver could enable privilege escalation or kernel execution through malicious scripts.

Affected Versions: EcoStruxure Foxboro DCS versions 9.8 and earlier.

  3. Schneider Electric FoxRTU Station
    CVE-2024-2602 – A path traversal vulnerability (CWE-22) in FoxRTU Station allows attackers to execute malicious project files, resulting in remote code execution.

Affected Versions: All versions prior to 9.3.0.
Risk: This flaw significantly impacts the manufacturing, energy, and water sectors.

  4. National Instruments LabVIEW
    CVE-2024-10494 – An out-of-bounds read in the HeapObjMapImpl function could enable sensitive data disclosure or arbitrary code execution.

CVE-2024-10495 – A font table loading vulnerability could expose systems to data extraction or code execution.

CVE-2024-10496 – The BuildFontMap function contains an out-of-bounds read vulnerability, heightening the risk of malicious activity.

Affected Versions: LabVIEW Q3 (24.3f0) and earlier.

  5. Horner Automation Cscape
    CVE-2024-9508 – A memory corruption vulnerability in Cscape could lead to information disclosure or arbitrary code execution.

CVE-2024-12212 – Insufficient validation of CSP files causes an out-of-bounds read vulnerability, enabling arbitrary code execution.

Affected Versions: Cscape 10.0.363.1 and earlier.

  6. Rockwell Automation Arena
    CVE-2024-11155 – A use-after-free vulnerability in Arena could allow arbitrary code execution when malicious DOE files are processed.

CVE-2024-11156 – An out-of-bounds write vulnerability enables attackers to write beyond allocated memory, allowing code execution.

CVE-2024-11158 – Improper initialization of variables in Arena could lead to exploitation.

CVE-2024-12130 – An out-of-bounds read vulnerability may permit malicious code execution.

Affected Versions: Arena versions prior to 16.20.06.

  7. Ruijie Reyee OS
    CVE-2024-47547 – Weak password recovery mechanisms expose systems to brute-force attacks.

CVE-2024-52324 – A vulnerable function allows attackers to send malicious MQTT messages, leading to arbitrary OS command execution.

CVE-2024-48874 – A server-side request forgery (SSRF) vulnerability could enable unauthorized internal network requests and access to sensitive cloud infrastructure.

CVE-2024-42494 – Sensitive personal information is vulnerable to unauthorized access, risking data exfiltration.

CISA’s advisories underscore the growing threats to Industrial Control Systems (ICS) that support critical infrastructure worldwide. These vulnerabilities, ranging in severity, reveal the sophistication of cyberattacks targeting operational technology.

Organizations must prioritize firmware updates, secure access credentials, and enhance network protections to address these risks. Safeguarding ICS environments is vital to prevent disruptions to essential services and operations.
