The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent warnings about critical vulnerabilities impacting multiple Industrial Control Systems (ICS) products. These vulnerabilities, if exploited, could allow remote code execution (RCE) and other serious security breaches. Specifically, AutomationDirect’s C-More EA9 Programming Software and Planet Technology’s WGS-804HPT industrial switch were identified as containing severe flaws. The C-More EA9 software suffers from stack-based buffer overflow vulnerabilities, with a CVSS v4 score of 8.4, potentially enabling remote code execution. The Planet Technology switch has three critical vulnerabilities, including stack-based buffer overflow, OS command injection, and integer underflow, with a CVSS v4 score of up to 9.3.
These vulnerabilities pose a significant threat to critical infrastructure, as they could enable attackers to remotely compromise systems and disrupt operations. Organizations are strongly advised to update their ICS software and hardware to the latest patched versions as soon as possible. Failure to implement these mitigations could expose organizations to severe security risks and operational disruptions. The ongoing discovery of such vulnerabilities underscores the need for continuous vigilance and proactive security measures within the industrial control systems sector.