
ICS Patch Tuesday: Security Advisories Released by CISA, Schneider, Siemens, Rockwell

CISA, Schneider Electric, Siemens, and Rockwell Automation have released November 2024 Patch Tuesday security advisories.


Siemens, Schneider Electric, CISA, and Rockwell Automation have released November 2024 Patch Tuesday security advisories.

Siemens has published a dozen new advisories. Based on severity score, the most important vulnerability is a critical deserialization issue in TeleControl Server Basic, which can allow an unauthenticated attacker to execute arbitrary code on the device.

In Sinec INS, Siemens patched roughly 60 vulnerabilities, including critical issues. Many of them impact third-party components used by the product. In Sinec NMS and Scalance M-800, the company addressed over a dozen flaws in each product, many of them impacting third-party components.

High-severity issues, one in each product, were addressed by Siemens in Engineering Platforms (code execution), OZW Web Servers (stored XSS), Spectrum Power 7 (local privilege escalation), Siport (privilege escalation), and Simatic CP 1543-1 (unauthorized file system access).

Siemens also informed customers that Solid Edge is affected by several flaws that can be exploited for code execution or DoS attacks by getting the targeted user to open a specially crafted file.

Medium-severity issues have been addressed by the company in Mendix Runtime (bypass account lockout measures) and Ruggedcom Crossbow Station Access Controller (code execution, DoS).

Schneider Electric has published four new advisories. One of them describes a critical EcoStruxure IT Gateway vulnerability that could allow an attacker to take control of the system and obtain sensitive information.

In PowerLogic PM5300 series power meters, the industrial giant patched a high-severity DoS issue.


In Modicon M340, Momentum and MC80 controllers, the company resolved five critical and high-severity issues that can be exploited in man-in-the-middle attacks to cause a DoS condition or execute arbitrary code.

Read: Siemens and Rockwell Tackle Industrial Cybersecurity, but Face Customer Hesitation

CISA has published three new advisories. One covers three critical vulnerabilities in the Subnet PowerSystem Center OT device management platform.

The second advisory describes two vulnerabilities in Hitachi Energy TRO600 radios that could be exploited for command execution with root privileges, and to obtain valuable configuration information.

The third advisory covers a high-severity remote code execution vulnerability in Rockwell Automation’s FactoryTalk View ME.

Rockwell Automation published its own Patch Tuesday advisory for this flaw, along with a second advisory describing one critical and two high-severity issues in FactoryTalk Updater.

The FactoryTalk Updater vulnerabilities include an authentication bypass issue that allows an attacker to impersonate a user, a remote code execution bug that requires high permissions, and a local privilege escalation flaw.

Related: ICS Patch Tuesday: Advisories Published by Siemens, Schneider, Phoenix Contact, CERT@VDE

Related: ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
