Security Vulnerabilities in Industrial Control Systems Threaten Critical Infrastructure

Recent security updates have been issued for industrial control systems (ICS) from various vendors, including Rockwell and Schneider Electric. These updates address multiple vulnerabilities that could potentially allow unauthorized access to critical infrastructure systems worldwide.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning highlighting the risks associated with these vulnerabilities. Systems from BD Diagnostic Solutions, B&R, Rockwell, and Schneider Electric are particularly at risk.

Attackers could exploit a significant vulnerability (CVE-2024-8603) in B&R Automation and mapp View, which allows them to leverage a weak cryptographic algorithm, making malicious services appear legitimate. Users are advised to upgrade to version 6.1 to mitigate this risk, as earlier versions remain vulnerable.

Additionally, Schneider Electric's Power Logic is exposed through two vulnerabilities (CVE-2024-10497 and CVE-2024-10498), which could enable attackers to gain higher user privileges by sending crafted HTTPS requests from a remote location. Furthermore, the SCADAPackTM x70 is susceptible to code injection attacks (CVE-2024-12703), requiring an authenticated user to open a specially crafted project file.

Rockwell's FactoryTalk View ME is also at risk due to a critical vulnerability (CVE-2024-24480) that allows remote attackers to execute arbitrary code, fully compromising the affected systems due to insufficient input validation. Users are urged to update to version 15.0 or apply the available patches (AID 1152331, 11552332) to secure their systems.

As of now, there have been no reported incidents of successful attacks exploiting these vulnerabilities. However, system administrators are strongly advised not to delay the installation of these critical security updates to safeguard their infrastructure.