Rewterz Threat Advisory – ICS: Siemens SIMATIC CP 1543-1

Severity

High

Analysis Summary

CVE-2019-12815

An arbitrary file copy vulnerability in mod_copy of the embedded FTP server allows for remote code execution and information disclosure without authentication.

CVE-2019-18217

Incorrect handling of overly long commands in the embedded FTP server allows an attacker to cause a denial-of-service condition by making the server enter an infinite loop.

Impact

  • Remote code execution
  • Information disclosure without authentication
  • Denial of service

Affected Vendors

Siemens

Affected Products

SIMATIC CP 1543-1, all versions starting at 2.0 and prior to 2.2

Remediation

Update to the latest version, 2.2.