EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • CISA warns of flaws in ICS and SCADA software

    CISA warns of flaws in ICS and SCADA software

    Written by
    The Editorial Team
    04.16.23
    Industry and OT
    02
    MIN
    CISA warns of flaws in ICS and SCADA software
    CISA warns of flaws in ICS and SCADA software
    CISA warns of flaws in ICS and SCADA software
    Image Are ZPMC’s Chinese dock cranes spying on the United States?
    Industry and OT
    05.02.24 Industry and OT
    Next article
    Are ZPMC’s Chinese dock cranes spying on the United States?
    Read
    02
    MIN
    Image Study highlights glaring shortcomings in OT cybersecurity 
    Industry and OT
    03.16.24 Industry and OT
    Next article
    Study highlights glaring shortcomings in OT cybersecurity 
    Read
    02
    MIN
    Image Cloud computing: the manufacturing industry's cybersecurity Achilles' heel
    Industry and OT
    02.08.24 Industry and OT
    Next article
    Cloud computing: the manufacturing industry’s cybersecurity Achilles’ heel
    Read
    01
    MIN
    Image Strengthening of strategic partnership between Eviden and Microsoft
    Industry and OT
    01.30.24 Industry and OT
    Next article
    Strengthening of strategic partnership between Eviden and Microsoft
    Read
    01
    MIN

    Some of these flaws are critical, two have already been exploited, and all are unpatched

    On April 6, 2023, CISA (Cybersecurity and Infrastructure Security Agency, the American counterpart of Anssi) published seven advisories concerning weaknesses in ICS and SCADA systems from several vendors. Some of these are considered critical and two of them have already been publicly exploited.

    The most problematic are probably those affecting Industrial Control Links’ ScadaFlex series SCADA controllers. These flaws have a CVSS (Common Vulnerability Scoring System) score of 9.1 out of 10: they could allow an unauthenticated attacker to overwrite, delete, or create files remotely.

    CISA also points out the low complexity of such an attack. At least one exploit of these vulnerabilities has already been made public. What’s worse, no patch is available because the vendor, Industrial Control Links, is closing down. However, the US authorities are proposing mitigating measures.

    Also of concern: a critical data deserialization flaw, with a CVSS score of 9.8, affects Rockwell Automation’s FactoryTalk software. It allows an unauthenticated remote attacker to execute code with system-level privileges. No patch is currently available, but Rockwell is working on a software update.

    In the meantime, the company has recommended several workarounds and defensive measures. The FactoryTalk suite powers Rockwell’s industrial equipment in food and beverage, transportation, and water management.

    CISA also reports several high severity flaws (CVSS score between 9.8 and 9.9), but fixed in more recent versions of the software. They affect:

    • versions 8.26.0 and earlier of the mySCADA myPRO software, which is used in the energy, food, transportation and water management industries;
    • Hitachi MicroSCADA System Data Manager SDM600 software versions 1.2 FP3 HF4 and earlier, specializing in energy installations.

    The warning also indicates flaws of lesser severity (from 7.8 to 8.8), which have been patched. They concern:

    • Kostac PLC programming software from Koyo Electronics, a subsidiary of the JTEKT group;
    • JTEKT Screen Creator Advance 2 screen recording program;
    • Several models of Korenix JetWave industrial communication gateways.
    The Editorial Team
    04.16.23
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image Are ZPMC’s Chinese dock cranes spying on the United States?
    Industry and OT
    05.02.24 Industry and OT
    Next article
    Are ZPMC’s Chinese dock cranes spying on the United States?
    Read
    02
    MIN
    Image Study highlights glaring shortcomings in OT cybersecurity 
    Industry and OT
    03.16.24 Industry and OT
    Next article
    Study highlights glaring shortcomings in OT cybersecurity 
    Read
    02
    MIN
    Image Cloud computing: the manufacturing industry's cybersecurity Achilles' heel
    Industry and OT
    02.08.24 Industry and OT
    Next article
    Cloud computing: the manufacturing industry’s cybersecurity Achilles’ heel
    Read
    01
    MIN
    Image Strengthening of strategic partnership between Eviden and Microsoft
    Industry and OT
    01.30.24 Industry and OT
    Next article
    Strengthening of strategic partnership between Eviden and Microsoft
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.