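Real Time Automation & Paradox & Sensormatic Electronics & Schneider Electric | Multiple Security Vulnerabilities Advisory
Published: 2020-11-18
0x00 Vulnerability Overview
Recently, industrial control system company Real Time Automation, security equipment manufacturer Paradox, Johnson Controls subsidiary Sensormatic Electronics, and ICS giant Schneider Electric each disclosed security vulnerabilities in their industrial control systems, products, and components.
0x01 Vulnerability Details
Details of the vulnerabilities disclosed this time are as follows: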
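Company/Vendor | Affected product/component | CVE ID | Vulnerability type | Score | Severity |
Real Time Automation | 499ES EtherNet/IP (ENIP) | CVE-2020-25159 | Stack-based buffer overflow | 9.8 | Critical |
Paradox | IP150 | CVE-2020-25189 | Stack-based buffer overflow | 9.8 | Critical |
Paradox | IP150 | CVE-2020-25185 | Buffer overflow | 8.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7550 | Improper restriction of operations within the bounds of a memory buffer | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7551 | Improper restriction of operations within the bounds of a memory buffer | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7552 | Improper restriction of operations within the bounds of a memory buffer | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7554 | Improper restriction of operations within the bounds of a memory buffer | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7553 | Out-of-bounds write | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7555 | Out-of-bounds write | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7556 | Out-of-bounds write | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7558 | Out-of-bounds write | 7.8 | High |
Schneider Electric | Interactive Graphical SCADA System (IGSS) | CVE-2020-7557 | Out-of-bounds read | 7.8 | High |
Sensormatic Electronics | American Dynamics victor Web Client and Software House C•CURE Web Client | CVE-2020-9049 | Improper authorization | 7.1 | High |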
Affected versions:
Real Time Automation
All versions of ENIP prior to 2.28.
Reference link:
https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03
Paradox
Paradox IP150 firmware version 5.02.09.
Reference link:
https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02
Sensormatic Electronics
All versions of victor Web Client below v5.6.
All versions of C•CURE Web Client up to and including v2.90.
Reference link:
https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01
Schneider Electric
IGSS Definition (Def.exe) version 14.0.0.20247 and earlier.
Reference link:
https://us-cert.cisa.gov/ics/advisories/icsa-20-324-04
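Some of the critical vulnerabilities are described below:
RTA ENIP stack-based buffer overflow vulnerability (CVE-2020-25159)
This vulnerability exists in RTA's ENIP stack. An attacker can exploit it by sending malicious packets, ultimately causing a buffer overflow. An attacker who successfully exploits this vulnerability can cause a denial of service or code execution.
Vulnerability details: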
https://www.claroty.com/2020/11/17/blog-research-rta-enip-stack-vulnerability/
Paradox IP150 stack-based buffer overflow vulnerability (CVE-2020-25189)
This vulnerability exists in the Paradox IP150. An attacker can exploit it to carry out a buffer overflow attack, which can ultimately lead to remote execution of arbitrary code.
Vulnerability details:
https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02
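0x02 Remediation Recommendations
The relevant companies and vendors have released updated versions and mitigations. It is recommended to consult the security advisories and apply the fixes promptly.
0x03 References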
https://threatpost.com/ics-vendors-warn-critical-bugs/161333/
https://www.rtautomation.com/rtas-blog/secure-ethernet-ip-devices/
0x04 Timeline
2020-11-17 CISA published security advisories
2020-11-18 VSRC published security advisory
0x05 Appendix
CVSS scoring standard official site: http://www.first.org/cvss/