us-cert

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION: Exploitable remotely   Vendor: Siemens   Equipment: SCALANCE W1750D  Vulnerabilities: Inadequate Encryption Strength, Double Free, Use After Free, Improper Input Validation  2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read memory contents, decrypt RSA-encrypted messages, or create a denial-of-service condition.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following software from Siemens is affected:  SCALANCE W1750D (JP) (6GK5750-2HX01-1AD0): All versions   SCALANCE W1750D (ROW) (6GK5750-2HX01-1AA0): All versions  SCALANCE W1750D (USA) (6GK5750-2HX01-1AB0): All versions   3.2 VULN...

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity   Vendor: Rockwell Automation  Equipment: Modbus TCP Server Add-On Instruction (AOI)  Vulnerability: Exposure of Sensitive Information to an Unauthorized Actor  2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to read the connected device’s Modbus TCP Server AOI information.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation Modbus TCP Server AOI, are affected:  Modbus TCP Server AOI: Versions 2.00 and 2.03  3.2 VULNERABILITY OVERVIEW 3.2.1 EXPOSURE OF SENSITIVE INFORMATION TO AN UNAUTHORIZED ACTOR CWE-200  Versions of Rockwell Automation Modbus TCP Server AOI prior to 2.04.00 are vulnerable to an unauthorized user sending a malformed message that could cause the controller to respond with a copy of the most recent response to the last valid request. If exploited, an unauthorized user could read the connected devi...

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity   Vendor: Omron  Equipment: CJ1M PLC  Vulnerabilities: Improper Access Control    2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass user memory protections by writing to a specific memory address. An attacker can also overwrite passwords and lock engineers from reading their own memory regions.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following components of Omron CJ1M, a programmable logic controller, are affected:  SYSMAC CJ-series  CJ2H-CPU6 □ -EIP: All versions  CJ2H-CPU6 □: All versions  CJ2M-CPU □ □: All versions  CJ1G-CPU □ □ P: All versions  SYSMAC CS-series   CS1H-CPU □ □ H: All versions  CS1G-CPU □ □ H: All versions  CS1D-CPU □ □ HA: All versions  CS1D-CPU □ □ H: All versions  CS1D-CPU □ □ SA: All versions  CS1D-CPU □ □ S: All versions  CS1D-CPU □ □ P: All versions  SYSMAC CP-series  CP2E-E □ □ D □ - □: All versions  CP2E-S □ □...

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity   Vendor: AVEVA  Equipment: AVEVA Plant SCADA and AVEVA Telemetry Server  Vulnerability: Improper Authorization  2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated user to read data, cause a denial of service, and tamper with alarm states.   3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AVEVA Plant SCADA and AVEVA Telemetry Server are affected:  AVEVA Plant SCADA 2023, AVEVA Plant SCADA 2020R2 Update 10 and all prior versions.  AVEVA Telemetry Server 2020 R2 SP1 and all prior versions  3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER AUTHORIZATION CWE-285  The listed versions of AVEVA Plant SCADA and AVEVA Telemetry Server contain an improper authorization vulnerability, which if exploited, could allow an unauthenticated user to remotely read data, cause a denial-of-service condition, and tamper with alarm states.  CVE-2023-1256 has been as...

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low attack complexity  Vendor: Autodesk  Equipment: FBX SDK  Vulnerability: Out-of-bounds Read, Use After Free, Out-of-bounds Write  2. RISK EVALUATION Successful exploitation of these vulnerabilities could lead to code execution or a denial-of-service condition. Products using Autodesk FBX SDK software are affected by these vulnerabilities.  3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the affected products are affected:  Autodesk FBX SDK versions 2020 and prior  Luxion KeyShot version 11.3 and prior  3.2 VULNERABILITY OVERVIEW 3.2.1 OUT-OF-BOUNDS READ CWE-125  An out-of-bounds read vulnerability in versions of Autodesk FBX SDK prior to version 2020 could result in code execution or information disclosure through maliciously crafted FBX files. This vulnerability, if exploited alongside other vulnerabilities, could also result in code execution in the context of the current process.  CVE-2022-41302...

This updated advisory is a follow-up to the advisory update titled ICSMA-21-87-01 Philips Vue PACS (Update A) that was published January 20, 2022, to the ICS webpage on www.cisa.gov/uscert/ics. This advisory contains mitigations for numerous vulnerabilities in Philips Vue PACS products.