Monday, September 1, 2014

Few bugs in Wonderware Information Server

Vulnerabilities/fixes in Schneider Electric/Invensys Wonderware Information Server (WIS) to support tradition.

The following Schneider Electric WIS versions are affected:

  • Wonderware Information Server 4.0 SP1 Portal,
  • Wonderware Information Server 4.5 Portal,
  • Wonderware Information Server 5.0 Portal, and
  • Wonderware Information Server 5.5 Portal.


Not by SCADA alone: ATM hack @BH Europe

Alexey and Olga gonna speak @BlackHat 2014 EU on ATM security.

Wednesday, July 23, 2014

Siemens SIMATIC WinCC 7.3: Vulnerabilities/Fixes

New version of WinCC/new features/new advisories/new vulnerabilities. Kudos to Gleb Gritsai, Dmitry Nagibin and Alexander Tlyapov.

CVE-2014-4682/HTTP/sensitive data (session) leakage
CVE-2014-4683/HTTP/remote privileges escalation (useful with CVE-2014-4682 and CVE-2013-3958)
CVE-2014-4685/Local/lot of funny stuff with Windows IPC objects
CVE-2014-4686/RPC/hardcoded key in authentication sequence/our new favorite slide

Details in SSA-214365.

Sunday, June 8, 2014

At Positive Hack Days IV (www.phdays.com) we had a lot of fun.
First of all, we released more details about new vulnerabilities in Siemens WinCC OA, S7 1200 and S7 1500 PLC, ABB, SmartGrid and SCADA in the cloud.

Please check out the slides.

Monday, May 26, 2014

Emerson DeltaV Vulnerabilities/Fixes

DeltaV versions 10.3.1, 11.3, 11.3.1, and 12.3.
May also be related to Emerson AMS Device Management and Emerson AMS Wireless SNAP-ON.

CVE-2014-2349 - World writable system folder
CVE-2014-2350 - Hardcoded credentials

Please find fixes in KBA NK-1400-0031.

Kudos: Kirill Nesterov, Alexander Tlyapov, Dmitry Nagibin, Alexey Osipov and Timur Yunusov

Emerson has assigned a CVSS v2 base score of 2.4; the CVSS vector string is (AV:L/AC:H/Au:S/C:N/I:P/A:P).

Hmmm, 2.4? BTW


Details

Enjoy

Monday, May 5, 2014

Too Smart Grid in da Cloud

Vulnerabilities/fixes in SolarLog Solar Plant Data Logger (http://www.solar-log.net/).


PT-2014-08: Password Access in Solar-Log
PT-2014-07: Sensitive Information Disclosure in Solar-Log
PT-2014-06: Arbitrary File Upload in Solar-Log