Security
Headlines
HeadlinesLatestCVEs

Headline

CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens. The most severe of the flaws relate to Sewio’s RTLS Studio, which could be exploited by an attacker to "obtain unauthorized access to the server, alter

The Hacker News
#xss#vulnerability#dos#rce#perl#auth#ssl#The Hacker News

Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of critical security flaws affecting products from Sewio, InHand Networks, Sauter Controls, and Siemens.

The most severe of the flaws relate to Sewio’s RTLS Studio, which could be exploited by an attacker to “obtain unauthorized access to the server, alter information, create a denial-of-service condition, gain escalated privileges, and execute arbitrary code,” according to CISA.

This includes CVE-2022-45444 (CVSS score: 10.0), a case of hard-coded passwords for select users in the application’s database that potentially grant remote adversaries unrestricted access.

Also notable are two command injection flaws (CVE-2022-47911 and CVE-2022-43483, CVSS scores: 9.1) and an out-of-bounds write vulnerability (CVE-2022-41989, CVSS score: 9.1) that could result in denial-of-service condition or code execution.

The vulnerabilities impact RTLS Studio version 2.0.0 up to and including version 2.6.2. Users are recommended to update to version 3.0.0 or later.

CISA, in a second alert, highlighted a set of five security defects in InHand Networks InRouter 302 and InRouter 615, including CVE-2023-22600 (CVSS score: 10.0), that could lead to command injection, information disclosure, and code execution.

“If properly chained, these vulnerabilities could result in an unauthorized remote user fully compromising every cloud-managed InHand Networks device reachable by the cloud,” the agency said.

All firmware versions of InRouter 302 prior to IR302 V3.5.56 and InRouter 615 before InRouter6XX-S-V2.3.0.r5542 are susceptible to bugs.

Security vulnerabilities have also been disclosed in Sauter Controls Nova 220, Nova 230, Nova 106, and moduNet300 that could allow unauthorized visibility to sensitive information (CVE-2023-0053, CVSS score: 7.5) and remote code execution (CVE-2023-0052, CVSS score: 9.8).

The Swiss-based automation company, however, does not plan to release fixes for the identified issues owing to the fact that the product line is no longer supported.

Lastly, the security agency detailed a cross-site scripting (XSS) flaw in Siemens Mendix SAML equipment (CVE-2022-46823, CVSS score: 9.3) that could permit a threat actor to gain sensitive information by tricking users into clicking a specially crafted link.

Users are advised to enable multi-factor authentication and update Mendix SAML to versions 2.3.4 (Mendix 8), 3.3.8 (Mendix 9, Upgrade Track), or 3.3.9 (Mendix 9, New Track) to mitigate potential risks.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related news

Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks

Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week. The 11 vulnerabilities allow "remote code execution and

CVE-2023-0052

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior allows the execution of commands without credentials. As Telnet and file transfer protocol (FTP) are the only protocols available for device management, an unauthorized user could access the system and modify the device configuration, which could result in the unauthorized user executing unrestricted malicious commands.

CVE-2022-46823

A vulnerability has been identified in Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.3.4), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.0 < V3.3.9), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.8). The affected module is vulnerable to reflected cross-site scripting (XSS) attacks. This could allow an attacker to extract sensitive information by tricking users into accessing a malicious link.