Industrial Control Systems Advisories Released by CISA

 by Brian McCarthy

The Cybersecurity & Infrastructure Security Agency (CISA) focuses on OT/ICS as the 2023 National Defense Authorization Act (NDAA) requires a complete inventory of OT/ICS systems and a comprehensive plan for staffing and training.

Original release date: December 20, 2022

CISA released six Industrial Control Systems (ICS) advisories on December 20, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:

1. ICSA-22-354-01 Fuji Electric Tellus Lite V-Simulator

1. EXECUTIVE SUMMARY

  • CVSS v3 7.8
  • ATTENTION: Low attack complexity 
  • Vendor: Fuji Electric
  • Equipment: Tellus Lite V-Simulator
  • Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code.

2. ICSA-22-354-02 Rockwell Automation GuardLogix and ControlLogix

1. EXECUTIVE SUMMARY

  • CVSS v3 7.8
  • ATTENTION: Low attack complexity 
  • Vendor: Fuji Electric
  • Equipment: Tellus Lite V-Simulator
  • Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code.

3. ICSA-22-354-03 ARC Informatique PcVue

1. EXECUTIVE SUMMARY

  • CVSS v3 7.8
  • ATTENTION: Low attack complexity 
  • Vendor: Fuji Electric
  • Equipment: Tellus Lite V-Simulator
  • Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code.

4. ICSA-22-354-04 Rockwell Automation MicroLogix 1100 and 1400

1. EXECUTIVE SUMMARY

  • CVSS v3 7.5
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Rockwell Automation
  • Equipment: MicroLogix 1100 and 1400
  • Vulnerabilities: Cross-site Scripting, Improper Restriction of Rendered UI Layers or Frames

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could create a denial-of-service condition or allow for remote code execution.

5. ICSA-22-354-05 Delta 4G Router DX-3021

1. EXECUTIVE SUMMARY

  • CVSS v3 7.5
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Rockwell Automation
  • Equipment: MicroLogix 1100 and 1400
  • Vulnerabilities: Cross-site Scripting, Improper Restriction of Rendered UI Layers or Frames

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could create a denial-of-service condition or allow for remote code execution.

6. ICSA-22-349-01 Prosys OPC UA Simulation Server (Update A)

1. EXECUTIVE SUMMARY

  • CVSS v3 6.5
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Prosys OPC
  • Equipment: UA Simulation Server
  • Vulnerability: Insufficiently Protected Credentials

2. UPDATE INFORMATION

This updated advisory is a follow-up to the original advisory titled ICSA-22-349-01 Prosys OPC UA Simulation Server that was published December 15, 2022, to the ICS webpage on cisa.gov/ics.

3. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to obtain credentials and gain access to system data.