Tag Archive for: industrial

8 zero-day vulnerabilities discovered in popular industrial control system from Carrier


Eight zero-day vulnerabilities affecting a popular industrial control system provided by Carrier have been identified and patched, according to security researchers from Trellix who discovered the issues.

The vulnerabilities affect the LenelS2 Mercury access control panel, which is used to grant physical access to facilities and integrate with more complex building automation deployments. 

Carrier’s LenelS2 Mercury access control panels are widely used across hundreds of companies in the healthcare, education, and transportation industries as well as federal government agencies and organizations. 

Trellix said they combined both known and novel techniques that allowed them to hack the system, achieve root access to the device’s operating system and pull firmware for emulation and vulnerability discovery. 

Carrier associate director of product security architecture Joshua Jessurun disputed the idea that these are zero-day vulnerabilities but told The Record that his team worked with Trellix on remediating the issues and released an advisory with detailed guidelines on what users need to do to address the vulnerabilities. Some of the issues need to be mitigated while most are addressed in firmware updates.

The Cybersecurity and Infrastructure Security Agency (CISA) released its own advisory on the issues – which are tagged as CVE-2022-31479, CVE-2022-31480, CVE-2022-31481, CVE-2022-31482, CVE-2022-31483, CVE-2022-31484, CVE-2022-31485, CVE-2022-31486 – with most carrying CVSS scores above 7.5. 

A chart of the vulnerabilities from Trellix.

CISA explained that exploitation of the bugs would give “an attacker access to the device, allowing monitoring of all communications sent to and from the device, modification of onboard relays, changing of configuration files, device instability, and a denial-of-service condition.”

Trellix security researchers Steve Povolny and Sam Quinn said they “anticipated a strong potential for finding vulnerabilities, knowing that the access controller was running a Linux Operating System and root access to the board could be achieved by leveraging classic hardware hacking techniques.” 

“While we believed flaws could be found, we did not…


Critical OAS Bugs Open Industrial Systems to Takeover


A pair of critical flaws in industrial Internet of Things data platform vendor Open Automation Software (OAS) are threatening industrial control systems (ICS), according to Cisco Talos.

They’re part of a group of eight vulnerabilities in OAS software that the vendor patched this week.

Among the flaws is one (CVE-2022-26082) that gives attackers the ability to remotely execute malicious code on a targeted machine to disrupt or alter its functioning; another (CVE-2022-26833) enables unauthenticated use of a REST application programming interface (API) for configuration and viewing data on systems. 

In its advisory, Cisco Talos described the remote code execution (RCE) vulnerability as having a severity score of 9.1 on a 10-point scale and the API-related flaw as having a score of 9.4.

The remaining flaws exist in different components of OAS Platform V16.00.0112. They were assessed as being less severe (with vulnerability-severity ratings that range from 4.9 to 7.5), and included information disclosure issues, a denial-of-service flaw, and vulnerabilities that allow attackers to make unauthorized configuration changes and other modifications on vulnerable systems. 

“Cisco Talos worked with Open Automation Software to ensure that these issues are resolved, and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy,” its advisory noted. The company recommended that organizations using the vulnerable software ensure that proper network segmentation is in place to minimize the access that an attacker who exploited the vulnerabilities would have on the compromised network.

OAS’s Open Automation Software Platform is primarily designed to let organizations in industrial IoT environments move data between different platforms — for instance, from an Allen Bradley programmable logic controller (PLC) to a Siemens PLC. Central to the platform is a technology the company calls Universal Data Connect that enables data to flow from and between IoT devices, PLCs, applications, and databases. OAS describes its technology as also being useful for logging data in ICS environments and putting them in open formats, and for aggregating…


Industrial Control Systems Security Market Size, Outlook And Forecast


New Jersey, United States – The Industrial Control Systems Security Market research report offers comprehensive coverage of the Industrial Control Systems Security Market in the forecast period 2022-2029. It provides historical, current, and future market trends to help in developing a robust market strategy. Additionally, it provides value chain analysis, key drivers, and challenges, and includes upcoming opportunities in the Industrial Control Systems Security market that will enable business success.

The Industrial Control Systems Security Market report provides a detailed analysis of global market size, regional and country-level market size, segmentation market growth, market share, competitive landscape, sales analysis, the impact of domestic and global market players, value chain optimization, trade regulations, recent developments, opportunity analysis, strategic market growth analysis, product launches, area market expansion, and technological innovations.

Get Full PDF Sample Copy of Report: (Including Full TOC, List of Tables & Figures, Chart) @ https://www.verifiedmarketreports.com/download-sample/?rid=490604

Key Players Mentioned in the Industrial Control Systems Security Market Research Report:

Cisco, Fortinet, Kaspersky, Symantec, Booz Allen Hamilton, Brocade Communication Systems, Citrix Systems, Computer Science, EMC, F-Secure, IBM, L-3, Trend Micro 

This comprehensive Industrial Control Systems Security Market report helps in determining the deficiencies and problems faced by dominant or new companies. It also provides insights into the potential impact of the existing COVID-19 on the market scenario. The Industrial Control Systems Security Market is split by type and application. For the period 2018-2027, the growth between segments provides accurate calculations and forecasts for sales by type and application in terms of volume and value. This analysis can help you grow your business by targeting qualified niche markets.

Industrial Control Systems Security Market Segmentation:  

By the product type, the market is primarily split into:

• Network security
• Endpoint security
• Application security
• Database security

By the…


US warns hackers now have tools to hijack critical industrial systems


The U.S. Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) warned on Wednesday that hacking groups now have access to advanced “cyber tools” that could allow them to gain control of critical industrial control systems.

In a joint cybersecurity advisory, the U.S. agencies announced hacking groups known as advanced persistent threat (APT) actors have “exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices.”

The agencies said the cyber tools allow hackers “to scan for, compromise, and control affected devices” once they have gained initial access to a particular operational technology (OT) network.

The joint advisory warns that these hacking tools can be used against Schneider Electric programmable logic controllers (PLCs), OMRON Sysmac NEX PLCs, and Open Platform Communications Unified Architecture (OPC UA) servers.

PLCs are small computers that can be programmed to receive data inputs and send operating instructions. They can be used to control automated machinery.

Open Platform Communications Unified Architecture (OPC UA) servers oversee the exchange of data between sensors and cloud-computing applications. They are another tool that can be used for industrial automation.

The U.S. cybersecurity firm Mandiant helped discover the new hacking tools through a partnership with Schneider Electric, one of the companies whose equipment could be targeted with the hacking tools. On Wednesday, Mandiant researchers said the hacking tools, which they dubbed INCONTROLLER (aka PIPEDREAM), “represent an exceptionally rare and dangerous cyber attack capability.” Mandiant said INCONTROLLER “is very likely state sponsored and contains capabilities related to disruption, sabotage, and potentially physical destruction.”

Mandiant said INCONTROLLER bears a resemblance to a hacking tool used to disable an industrial safety system in 2017, called TRITON. The INCONTROLLER tool is also similar to INDUSTROYER. TechCrunch reported a hacking group known as “Sandworm”…
