Several Industrial Automation Products Affected by WibuKey DRM Flaws


The products of several industrial automation companies are affected by the recently disclosed vulnerabilities found in the WibuKey digital rights management (DRM) solution from Wibu Systems.

Cisco Talos revealed in December that the WibuKey DRM has three serious security flaws that can lead to information disclosure, privilege escalation, and remote code execution. Wibu patched the vulnerabilities with the release of version 6.50, and it is important that users update the software, particularly since Cisco has made public technical details and proof-of-concept (PoC) code for each of the bugs.

The WibuKey DRM is used by thousands of applications, including by several industrial automation vendors. Cisco mentioned Straton when it published its advisories, and German industrial giant Siemens admitted recently that its SICAM 230 process control and monitoring system and SIMATIC WinCC OA human-machine interface (HMI) product are impacted as well.

Several other companies based in Central Europe have also warned customers that the WibuKey flaws expose their products to attacks.

One of them is Germany-based Phoenix Contact, whose MEVIEW3 product is affected. According to an advisory published this week by Germany’s [email protected], the vendor will integrate a patched version of WibuKey into the next release of MEVIEW3.

Austria-based COPA-DATA also alerted users that some of its Zenon products use the DRM solution for dongle licensing and are affected. The company has published an 11-page advisory detailing the flaws and their impact on its products.

Sprecher Automation, which is also based in Austria, also offers products that use WibuKey for dongle licensing. The company has posted an advisory listing the impacted SPRECON applications.

Finally, Germany-based IT GmbH, which specializes in home and building automation, posted a notification it received from Wibu Systems and informed customers that the flaws impact its Elvis visualization products.

The most serious of the WibuKey flaws is CVE-2018-3991, a critical heap overflow that can be exploited by a remote attacker for arbitrary code execution by sending specially crafted TCP packets to the targeted system on port 22347.

Another critical vulnerability is CVE-2018-3990, a pool corruption that can be exploited to escalate privileges by sending specially crafted I/O request packets (IRPs).

The last vulnerability is CVE-2018-3989, which can also be exploited using specially crafted IRP requests. This security hole can allow an attacker to read kernel memory information and it has been assigned a severity rating of “medium.”
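For asset owners sorting hosts by the three flaws described above, the following added example (not part of the original article or any vendor tooling) combines the two facts the article gives, the fixed version 6.50 and TCP port 22347, into a triage over collected inventory data. The host names, version strings and `netstat -ano`-style lines are constructed samples, and the two-field `major.minor` version format is an assumption.

```python
import ipaddress
import re

WIBU_PORT = 22347        # TCP port the article names for CVE-2018-3991
FIXED_VERSION = (6, 50)  # first patched WibuKey release, per the article

# Constructed sample inventory: host names, versions and netstat lines are illustrative.
INVENTORY = {
    "hmi-01":   {"wibukey": "6.40", "netstat": ["TCP 0.0.0.0:22347 0.0.0.0:0 LISTENING 1840"]},
    "eng-02":   {"wibukey": "6.40", "netstat": ["TCP 127.0.0.1:22347 0.0.0.0:0 LISTENING 2210"]},
    "scada-03": {"wibukey": "6.50", "netstat": ["TCP [::]:22347 [::]:0 LISTENING 1712"]},
    "ws-04":    {"wibukey": "6.30", "netstat": ["TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 912"]},
}

def parse_version(text):
    """Return (major, minor) from a version string such as '6.40' (assumed format)."""
    m = re.match(r"\s*(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return int(m.group(1)), int(m.group(2))

def listeners(netstat_lines, port=WIBU_PORT):
    """Return the local addresses with a TCP listener on the given port."""
    found = []
    for line in netstat_lines:
        fields = line.split()
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, local_port = fields[1].rpartition(":")
        if local_port == str(port):
            found.append(host.strip("[]"))  # drop IPv6 brackets
    return found

def triage(inventory):
    """Classify each host by patch level and network exposure of port 22347."""
    verdicts = {}
    for host, data in inventory.items():
        if parse_version(data["wibukey"]) >= FIXED_VERSION:
            verdicts[host] = "patched"
        elif any(not ipaddress.ip_address(a).is_loopback for a in listeners(data["netstat"])):
            verdicts[host] = "unpatched-network-exposed"  # reachable path for CVE-2018-3991
        else:
            # No off-host listener, but the IRP-based flaws (CVE-2018-3990/3989) still apply.
            verdicts[host] = "unpatched-local-only"
    return verdicts

if __name__ == "__main__":
    for host, verdict in triage(INVENTORY).items():
        print(f"{host}: {verdict}")
```

Hosts marked `unpatched-local-only` still need the update, since the two IRP-based issues do not depend on the network listener.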

While Talos made its findings public in December, Wibu said this was done by mistake and that it initially agreed with Talos to only disclose the flaws on January 24 to give customers time to update their installations. Talos later temporarily removed its blog post and advisories, and Wibu even tried to convince news websites, including SecurityWeek, to remove their articles covering the flaws until January 24.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
