eWON Vulnerabilities

OVERVIEW Independent researcher Karn Ganeshen has identified several vulnerabilities in the eWON sa industrial router. eWON sa has produced an updated firmware to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following eWON router firmwar...

Advantech EKI Vulnerabilities (Update B)

OVERVIEW This updated advisory is a follow-up to the updated advisory titled ICSA-15-344-01A Advantech EKI Vulnerabilities that was published December 15, 2015, on the NCCIC/ICS-CERT web site. --------- Begin Update B Part 1 of 3 -------- HD Moore of Rapid7 identified several vulnerabilities in...

Endress+Hauser Fieldcare/CodeWrights HART Comm DTM XML Injection Vulnerability

OVERVIEW Alexander Bolshev of Digital Security has identified a vulnerability within Endress+Hauser HART DTM software libraries. The vulnerability is in handling of the HART longtag response field in Endress+Hauser’s Fieldcare and CodeWrights HART Comm DTM. Endress+Hauser Process Solutions AG and...

Harman-Kardon Uconnect Vulnerability

OVERVIEW This advisory is a follow-up to the ICS-ALERT titled ICS-ALERT-15-203-01 FCA Uconnect VulnerabilityICS-CERT ALERT, https://ics-cert.us-cert.gov/alerts/ICS-ALERT-15-203-01, web site last accessed September 17, 2015. that was published July 22, 2015, on the NCCIC/ICS-CERT web site. Chris...

Yokogawa Multiple Products Buffer Overflow Vulnerabilities

OVERVIEW Yokogawa Electric Corporation has notified NCCIC/ICS-CERT of stack-based buffer overflow vulnerabilities in multiple Yokogawa products. Yokogawa has released product revisions that mitigate the vulnerabilities for many of the vulnerable products. These vulnerabilities could be exploited...

DHS Secretary on Recruiting Trip at RSA Conference

SAN FRANCISCO – Homeland Security secretary Jeh C. Johnson was apparently on a recruiting trip today at RSA Conference. During his 30-minute keynote, amid dozens of “cyber” references, the 57-year-old Johnson put out the help-wanted sign for able-bodied security professionals who a may want to jo...

Network Time Protocol Vulnerabilities (Supplement)

OVERVIEW This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-353-01 Network Time Protocol Vulnerabilities that was published December 19, 2014, on the ICS‑CERT web site. Please refer to the original advisory for all the details of the vulnerabilities. The purpose o...

Network Time Protocol Vulnerabilities (Supplement Update A)

OVERVIEW --------- Begin Update A Part 1 of 2 -------- This advisory supplement is to accompany the NCCIC/ICS-CERT advisory titled ICSA-14-353-01C Network Time Protocol Vulnerabilities that was published February 5, 2015, on the ICS‑CERT web site. --------- End Update A Part 1 of 2 ----------...

Schneider Electric OFS Server Vulnerability (Update A)

OVERVIEW --------- Begin Update A Part 1 of 4 -------- This updated advisory is a follow-up to the original advisory titled ICSA-15-141-01 Schneider Electric OFS Server Vulnerability that was published May 21, 2015, on the NCCIC/ICS-CERT web site. Ivan Sanchez from Nullcode Team has identified tw...

Hospira LifeCare PCA Infusion System Vulnerabilities

OVERVIEW OSIsoft has identified and reported to NCCIC/ICS-CERT a default permissions vulnerability in PI AF product. OSIsoft has produced a mitigation plan to remove this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS OSIsoft reports that the vulnerability affect...

Hospira MedNet Vulnerabilitie

OVERVIEW Independent researcher Billy Rios has identified four vulnerabilities in Hospira’s MedNet server software. Hospira has released a new version of the MedNet software and provided mitigation recommendations that mitigate the reported vulnerabilities. Three of the four vulnerabilities could...

Schneider Electric Telvent SAGE RTU DNP3 Improper Input Validation Vulnerability

OVERVIEW This advisory was originally posted to the US-CERT secure portal library on January 06, 2014, and is now being released to the NCCIC/ICS-CERT Web site. Adam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in the Schneider Electric...

CareFusion Pyxis SupplyStation System Vulnerabilities

OVERVIEW Independent researcher Billy Rios identified authentication vulnerabilities in CareFusion’s Pyxis SupplyStation system. CareFusion has implemented additional controls to mitigate some of these vulnerabilities in the SupplyStation system. Some of the reported vulnerabilities could be...

Yokogawa Multiple Products Vulnerabilities

OVERVIEW Yokogawa reports that several buffer overflow vulnerabilities affect several of its products. Juan Vazquez of Rapid7 Inc.,Rapid7 Inc., http://www.rapid7.com, web site last accessed May 13, 2014. and independent researcher Julian Vilas Diaz reported to CERT/CC that they identified several...

WellinTech Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on December 10, 2013, and is now being released to the NCCIC/ICS-CERT Web site. NCCIC/ICS-CERT received reports from the Zero Day Initiative ZDI regarding a remote code execution vulnerability and an information...

Siemens SINAMICS S/G Authentication Bypass Vulnerability

OVERVIEW Siemens has identified an authentication bypass vulnerability in the SINAMICS S/G product family. Siemens has produced a firmware update that mitigates this vulnerability and has tested the update to validate that it resolves the vulnerability. Exploitation of this vulnerability could...

National Cyber Security Bulletin on Anonymous

National Cyber Security Bulletin on Anonymous DHS has analyzed the likelihood of Anonymous attacking industrial control systems ICS after the hacktivist group showed such intentions earlier this year. "Assessment of Anonymous Threat to Control Systems " that was drafted by the National...

Osama Bin Laden's Death Email Scams, Fake Antivirus, and Phishing Attack Warning

Users should be aware of potential email scams, fake antivirus, and phishing attacks regarding Osama Bin Laden's death. Email scams may contain links or attachments that may direct users to malicious websites. Fake antivirus attacks may come in the form of pop-ups that flash security warnings and...