(I)IoT Security News
ICS, News, Vulnerabilities

Rockwell Automation EDS Subsystem

Rockwell Automation EDS Subsystem

1. EXECUTIVE SUMMARY

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could lead to a denial-of-service condition.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following products that utilize the EDS Subsystem (Version 28.0.1 and prior) are affected:

3.2 VULNERABILITY OVERVIEW

3.2.1    IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119

A memory corruption vulnerability exists in the algorithm that matches square brackets in the EDS subsystem. This may allow an attacker to craft specialized EDS files to crash the EDSParser COM object, leading to denial-of-service conditions.

CVE-2020-12038 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:H).

3.2.2    IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN SQL COMMAND (‘SQL INJECTION’) CWE-89

The EDS subsystem does not provide adequate input sanitization, which may allow an attacker to craft specialized EDS files to inject SQL queries and manipulate the database storing the EDS files. This may lead to denial-of-service (DoS) conditions or allow an attacker to manipulate the SQL engine to write or modify files on the system.

CVE-2020-12034 has been assigned to this vulnerability. A CVSS v3 base score of 8.2 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H).

3.3 BACKGROUND

3.4 RESEARCHER

Sharon Brizinov and Amir Preminger (VP Research) of Claroty reported these vulnerabilities to Rockwell Automation and CISA.

4. MITIGATIONS

Rockwell Automation recommends the following:

Network-based vulnerability mitigations for embedded products:

General mitigations:

For more information please refer to Rockwell Automation’s security advisory 54102-Industrial Security Advisory Index.
CISA recommends users take the following measures to protect themselves from social engineering attacks:

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

CISA also provides a section for control systems security recommended practices on the ICS webpage on us-cert.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on us-cert.gov in the Technical Information Paper, ICS-TIP-12-146-01B–Targeted Cyber Intrusion Detection and Mitigation Strategies.

Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

No known public exploits specifically target these vulnerabilities.

Source:

https://www.us-cert.gov/ics/advisories/icsa-20-140-01

Related posts

Passwords for Tens of Thousands of Dahua Devices Cached in IoT Search Engine

(I) IoT
6 years ago

WIBU SYSTEMS AG WibuKey Digital Rights Management (Update D)

(I) IoT
6 years ago

Moxa EDS-G516E and EDS-510E Series Ethernet Switches

(I) IoT
5 years ago
Exit mobile version