CISA Releases ICS Advisories to Mitigate Cyber Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) released two critical Industrial Control Systems (ICS) advisories on October 15, 2024.

These advisories provide essential information about current security issues, vulnerabilities, and potential exploits affecting ICS.

The advisories focus on vulnerabilities in Siemens Siveillance Video Cameras and Schneider Electric Data Center Expert software.

Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool: Try for Free

Siemens Siveillance Video Camera Vulnerability

Executive Summary

The advisory identified a significant vulnerability in the Siemens Siveillance Video Camera system.

The vulnerability, classified as a “Classic Buffer Overflow,” is exploitable from an adjacent network and poses a substantial threat to systems using this equipment.

The Common Vulnerability Scoring System (CVSS) v4 score for this vulnerability is 7.3, indicating a high level of risk.

Technical Details

The affected products include all Siemens Siveillance Video Camera versions before V13.2.

The vulnerability, CVE-2024-3506, involves a buffer overflow issue in the camera’s drivers from the XProtect Device Pack.

This flaw allows attackers with network access to execute commands on the Recording Server under specific conditions.

Successful exploitation of this vulnerability could enable attackers to execute arbitrary commands, potentially compromising critical infrastructure sectors where these cameras are deployed worldwide.

Given the severity of the threat, CISA advises users and administrators to review Siemens’ ProductCERT Security Advisories for the most current information and mitigation strategies.

Schneider Electric Data Center Expert Vulnerabilities

Executive Summary

The second advisory highlights vulnerabilities in Schneider Electric’s Data Center Expert software.

These vulnerabilities include “Improper Verification of Cryptographic Signature” and “Missing Authentication for Critical Function.”

The CVSS v4 scores for these vulnerabilities are 8.6 and 8.2, respectively, reflecting their critical nature.

Technical Details

Affected versions include Data Center Expert 8.1.1.3 and earlier. The improper cryptographic signature verification (CVE-2024-8531) could allow attackers to manipulate upgrade bundles and execute arbitrary bash scripts as root.

Meanwhile, the missing authentication for critical functions (CVE-2024-8530) could expose private data by allowing direct access to “log captures” archives via HTTPS.

Exploiting these vulnerabilities could grant attackers unauthorized access to sensitive data and control over critical functions within data centers.

This poses significant risks to organizations relying on this software to monitor and manage their data infrastructure.

CISA strongly encourages users and administrators of Siemens Siveillance Video Cameras and Schneider Electric Data Center Expert software to review these advisories in detail.

Implementing recommended mitigations is crucial to protect against potential cyber threats that exploit these vulnerabilities.

The release of these advisories underscores the ongoing challenges in securing industrial control systems against cyber threats.

As cyber attackers continue to target critical infrastructure, timely updates and adherence to security advisories are vital for safeguarding sensitive systems.

By staying informed and proactive, organizations can better defend against potential exploits and ensure the integrity of their operations in an increasingly digital world.

How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide(PDF)