ATTENTION: Remotely exploitable/low skill level to exploit.

Vendor: Automated Logic Corporation (ALC)

Equipment: ALC WebCTRL, Liebert SiteScan, Carrier i-VU

Vulnerability: XML External Entity (XXE)

REPOSTED INFORMATION

This advisory was originally posted to the NCCIC Portal on May 30, 2017, and is being released to the NCCIC/ICS-CERT web site.

The following ALC web-based building automation applications are affected:

Liebert SiteScan Web Version 6.5, and prior.

ALC WebCTRL Version 6.5, and prior and.

The vulnerability, if exploited, could lead to the disclosure of confidential data, denial of service (DoS), spoofing of a request from an upstream device, port scanning from the perspective of the machine where the parser is located, and other system impacts.

Impact to individual organizations depends on many factors that are unique to each organization, including but not limited to whether the application was installed and is maintained in accordance with manufacturer’s recommendations. Risk of impact is significantly lower for those systems installed and maintained as set forth in ALC’s system installation and maintenance guidelines.

MITIGATION

ALC applications should always be installed and maintained in accordance with the guidelines found here:

In addition, ALC has released the following patches:

These patch releases may be obtained on the Automated Logic accounts web site or calling Technical Support at 77:

These patch releases may be obtained by calling Technical Support at 80:

ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of this vulnerability.

Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.

Locate control system networks and remote devices behind firewalls, and isolate them from the business network.

When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.

ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page.