This week we have six vendor disclosures from Advantech,
PEPPERL+FUCHS, WAGO, Philips, RUCKUS, and Rockwell (2). We have five vendor
updates from Carestream, Mitsubishi, Rockwell, Siemens, and Software Toolbox.

Advantech Advisory

Advantech published an
describing six vulnerabilities in their Spectre RT ERT351 and

B+B SmartWorx ERT351 products. The vulnerabilities were
reported by Vlad Komarov of ScadaX, and Evgeniy Druzhinin and Ilya Karpov of
Rostelecom-Solar. Advantech has new firmware versions that mitigate the
vulnerabilities. There is no indication that the researchers have been provided
an opportunity to verify the efficacy of the fix.

The six reported vulnerabilities are:

• Improper neutralization of input
during web page generation – CVE-2019-18233,

• Cleartext transmission of
sensitive information – CVE-2019-18231,

• Improper restriction of excessive
authentication attempts – CVE-2019-18235 (Linux vuln),

• Insufficiently protected credentials
(no CVE number),

• Usage of broken or risky
cryptographic algorithm – CVE-2019-18237,

• Use of vulnerable third-party
software – CVE-2019-18239 (OpenSSH and OpenSSL)


CERT VDE published an advisory
describing a deserialization of untrusted data vulnerability in the PEPPERL+FUCHS
PACTware product. This is a third-party (fdtCONTAINER component by M&M
Software GmbH) vulnerability. The vulnerability was
by M&M Software. The vulnerability will be corrected in a
version to be released in the second quarter.

WAGO Advisory

CERT VDE published an advisory
describing a deserialization of untrusted data vulnerability in unnamed WAGO workstations.
This is the same third-party (M&M Software) vulnerability described above.

Philips Advisory

Philips published an advisory
describing an undescribed vulnerability on products running on their older
Haswell workstations. Philips has a patch that mitigates the vulnerability.

RUCKUS Advisory

RUCKUS published an advisory
describing two vulnerabilities in the LLDP module of Ruckus Network’s AP
products. These are third-party library vulnerabilities originally reported by Florian
Weimer (see links below for original reporting). RUCKUS has patches that mitigate
the vulnerabilities.

The two reported vulnerabilities are:

• Classic buffer overflow – CVE-2015-8011,

• Reachable assertion – CVE-2015-8012

Rockwell Advisories

Rockwell published an
describing a side-channel leakage vulnerability in the NXP 7x Secure
Authentication Microcontrollers. This is a third-party (Google Titan Security
Key) vulnerability reported
by NinjaLab. Rockwell provides generic mitigation measures.

NOTE: This is going to be an interesting one for a variety
of vendors.


Rockwell published
an advisory
describing the third-party (M&M Software) fdtCONTAINER
vulnerability described above in their FactoryTalk AssetCentre products.
Rockwell has a software update that mitigates the vulnerability.

NOTE: Third-party vulnerabilities strike far and wide

Carestream Update

Carestream published an
[.PDF download link] for their Bad
 advisory that was originally
on October 15th, 2020. The new information includes:

• A list of unaffected products,

• A list of two affected products
(Image Suite and Omni) with mitigation measures.

Mitsubishi Update

Mitsubishi published an
for their MC Works 64 advisory that was originally
 on June 18th, 2020 and most
recently updated 
on December 8th, 2020. The new information
includes adding mitigation measures for MC Works64 Version 2.00A – 2.02C.

NOTE: NCCIC-ICS published an advisory
for these vulnerabilities back in June but has not yet updated it for any of
the updates that Mitsubishi has published. This is probably due to a failure by
Mitsubishi to inform NCCIC-ICS of the updates.

Rockwell Update

Rockwell published an
for their FactoryTalk Linx advisory that was originally
on December 27th, 2020. The new information includes
links to mitigation measures for three of the vulnerabilities.

Siemens Update

Siemens published an
out-of-zone update
for their SolidEdge advisory that was originally
on January 12th, 2021. The new information includes
additional mitigation information for SolidEdge SE2020.

Software Toolbox Update

Software Toolbox published an
for their TopServer advisory that was originally
on December 9th, 2020. The new information includes
adding the CVE numbers for the included vulnerabilities.

NOTE: This advisory was included in  ICSA-20-352-02.
This update will probably not be mentioned by NCCIC-ICS since the link provided
in their advisory takes one to this update.

By admin