Your Yello Ring Road To Success
GOOGLE LOGIN MY ADS MY SHOP

CISA Warns of Critical Flaws Affecting Industrial Appliances from Advantech and Hitachi

Advantech and Hitachi

The U.S. Cybersecurity and Infrastructure Security Agency (CISA)
on Tuesday released two Industrial Control Systems (ICS) advisories[1]
pertaining to severe flaws in Advantech R-SeeNet and Hitachi Energy
APM Edge appliances.

This consists of three weaknesses in the R-SeeNet monitoring
solution, successful exploitation of which “could result in an
unauthorized attacker remotely deleting files on the system or
allowing remote code execution.”

CyberSecurity

The list of issues, which affect R-SeeNet Versions 2.4.17 and
prior, is as follows –

  • CVE-2022-3385 and CVE-2022-3386 (CVSS scores:
    9.8) – Two stack-based buffer overflow flaws that could lead to
    remote code execution
  • CVE-2022-3387 (CVSS score: 6.5) – A path
    traversal flaw that could enable a remote attacker to delete
    arbitrary PDF files

Patches have been made available in version R-SeeNet version 2.4.21[2]
released on September 30, 2022.

Also published by CISA is an update to a December 2021 advisory
about multiple flaws in Hitachi Energy Transformer Asset
Performance Management (APM[3]) Edge products that
could render them inaccessible.

The 29 vulnerabilities, collectively assigned a CVSS score of
8.2, stem from security holes in open source software components
such as OpenSSL, LibSSL, libxml2, and GRUB2 bootloader. Users are
recommended to update to APM Edge version 4.0 to remediate the
bugs.

CyberSecurity

The twin alerts come less than a week after CISA published 25 ICS advisories[4] on October 13, 2022,
spanning several vulnerabilities across devices from Siemens[5], Hitachi Energy, and
Mitsubishi Electric.

According to OT cybersecurity and asset monitoring company
SynSaber, 681 ICS product vulnerabilities were reported via CISA in
the first half of 2022, out of which 152 are rated Critical, 289
are rated High, and 2015 are rated Medium in Severity.

What’s more, 54 of the Critical/High-rated CVEs have no patch or
any mitigation available from the vendors, accounting for 13% of
the total reported flaws and remaining “forever-day
vulnerabilities.”

“It’s important for asset owners and those defending critical
infrastructure to understand when remediations are available, and
how those remediations should be implemented and prioritized,”
SynSaber said[6].

References

  1. ^
    advisories
    (www.cisa.gov)
  2. ^
    R-SeeNet
    version 2.4.21     (icr.advantech.cz)
  3. ^
    APM
    (www.hitachienergy.com)
  4. ^
    published 25 ICS advisories
    (www.cisa.gov)
  5. ^
    Siemens
    (thehackernews.com)
  6. ^
    said
    (synsaber.com)

Read more