Fuji Electric, Rockwell Automation recommend update to address vulnerabilities in Tellus Lite V-Simulator and Studio 5000 Logix Emulate
According to recent security advisories released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), updates for Fuji Electric’s Tellus Lite V-Simulator and Rockwell Automation’s Studio 5000 Logix Emulate are available for users to address security vulnerabilities.
An update from Fuji Electric is available for their Tellus Lite V-Simulator to address vulnerabilities related to out-of-bounds write and stack-based buffer overflow, CISA disclosed. The security vulnerabilities affect the following versions of the remote monitoring and operation software Fuji Electric Tellus Lite V-Simulator: 4.0.12.0 and earlier versions.
The vulnerabilities make the platforms susceptible to an out-of-bounds write, which might let an attacker run arbitrary code. This vulnerability, which has a CVSS v3 base score of 7.8, has been given the case number CVE-2022-3085. The product is primarily used in the critical manufacturing industry worldwide.
These vulnerabilities are not specifically targeted by any known public exploits and cannot be remotely exploited. However, these low-complexity vulnerabilities could be exploited by a novice attacker. Users are advised to update Tellus Lite V-Simulator to version 4.0.15.0 by the Japanese vendor Fuji Electric.
On January 29, 2021, Kimiya, Khangkito – Tran Van Khang of VinCSS (a member of Vingroup), and an unidentified researcher working with Trend Micro’s Zero Day Initiative both alerted CISA to the vulnerabilities affecting Fuji Electric (ZDI). If successfully exploited, these vulnerabilities might grant an attacker the ability to execute arbitrary code.
Rockwell Automation also reported a vulnerability in their Studio 5000 Logix Emulate regarding improper access control to CISA. If this vulnerability is successfully exploited, a hostile user might be able to run code remotely, which could influence the software’s availability, confidentiality, and integrity. The version affected by the vulnerability is Studio 5000 Logix Emulate v .20-33.
Users of studio 5000 Logix Emulate v.20-33 have enhanced access to some product services. A malicious attacker could be able to remotely execute code on the intended software as a result of this misconfiguration.
The Studio 5000 Logix Emulate should be updated to version 34.00, according to Rockwell Automation to address the security vulnerability.
To reduce the possibility of this vulnerability being exploited, CISA advises users to adopt protective steps. For instance, users should:
- All control system devices and/or systems should have the least amount of network exposure possible, and you should make sure that the Internet cannot access them.
- Isolate remote devices and control system networks from business networks by putting them behind firewalls.
- When remote access is necessary, use safe techniques like Virtual Private Networks (VPNs), keeping in mind that VPNs may have security vulnerabilities and should be upgraded to the most recent version available. Recall that the security of a VPN depends on the devices it is connected to.
Prior to implementing defensive measures, CISA encourages firms to do a thorough impact analysis and risk assessment.
Related
