The Cybersecurity and Infrastructure Security Agency (CISA) issued a number of advisories this week covering critical security vulnerabilities affecting products in the critical infrastructure sector from Rockwell Automation, Siemens and Hitachi ABB Power Grids.
Rockwell detected several security flaws in its Stratix switches, which are typically used in the critical manufacturing sector. The critical security vulnerabilities identified include insufficiently protected credentials, insufficient verification of data authenticity, use of out-of-range pointer offset, insertion of sensitive information into log file, command injection and improper input validation.
Rockwell Automation encouraged users of the affected Stratix devices to update to an available firmware revision that addresses the associated risk. Cisco reported these vulnerabilities to Rockwell Automation.
Earlier this month, industrial cybersecurity firm Claroty detected nine critical security vulnerabilities in the pre-authentication attack surface of Rockwell Automation’s FactoryTalk suite, particularly in the FactoryTalk AssetCentre tool. An attacker can exploit these vulnerabilities without authentication and take control of the centralized FactoryTalk AssetCentre Server and the Windows-based engineering stations that communicate with it.
Siemens has detected an improper privilege management vulnerability in its Mendix platform that could allow a non-administrative user to gain administrative privileges. Under certain circumstances, authenticated non-administrative users could modify their own privileges by manipulating the user role.
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, it recommends configuring the environment according to Siemens’ operational guidelines for industrial security and following the recommendations in the product manuals.
Hitachi ABB’s Ellipse APM equipment, used in the energy sector, has been found to contain a cross-site scripting vulnerability that may allow an authenticated user or integrated application to inject malicious data into the application, which can then be executed in a victim’s browser.
The Swiss company reported that a stored XSS vulnerability in the main dashboard of Ellipse APM versions prior to 184.108.40.206, 220.127.116.11, and 18.104.22.168 allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim’s browser. CVE-2021-27887 has been assigned to this vulnerability, with a CVSS v3 base score of 6.3.