Real Time Automation & Paradox & Sensormatic Electronics & Schneider Electric | ¶à¸ö°²È«·ì϶¹«¸æ

°ä²¼¹¦·ò 2020-11-18

0x00 ·ì϶¸ÅÊö

½üÈÕ£¬¹¤Òµ½ÚÔìϵͳ¹«Ë¾Real Time Automation¡¢°²È«É豸Ôì×÷ÉÌParadox¡¢½­É­×Ô¿Ø×Ó¹«Ë¾Sensormatic ElectronicsºÍICS¾ÞÍ·Schneider Electric¾ù¸÷×Ô°ä²¼ÁËÆ乤ҵ½ÚÔìϵͳ¼°²úÆ·ºÍ×é¼þÖеݲȫ·ì϶¡£

 

0x01 ·ì϶ÏêÇé

image.png 



±¾´Î°ä²¼µÄ·ì϶ÏêÇéÈçÏ£º

¹«Ë¾/³§ÉÌ

ÊÜÓ°Ïì²úÆ·/×é¼þ

CVE   ID

·ì϶ÀàÐÍ

ÆÀ·Ö

ÑϳÁˮƽ

Real   Time Automation

499ES   EtherNet / IP£¨ENIP£©

CVE-2020-25159

»ùÓÚ²Ö¿âµÄ»º³åÇøÒç³ö

9.8

ÑϳÁ

Paradox

IP150

CVE-2020-25189

»ùÓÚ²Ö¿âµÄ»º³åÇøÒç³ö

9.8

ÑϳÁ

CVE-2020-25185

»º³åÇøÒç³ö

8.8

¸ßΣ

Schneider   Electric

½»»¥Ê½Í¼ÐÎSCADAϵͳ£¨IGSS£©

CVE-2020-7550

Äڴ滺³åÇøÁìÓòÄڵIJÙ×÷Ï޶Ȳ»µ±

7.8

¸ßΣ

CVE-2020-7551

CVE-2020-7552

CVE-2020-7554

CVE-2020-7553

Ô½½çдÈë

7.8

¸ßΣ

CVE-2020-7555

CVE-2020-7556

CVE-2020-7558

CVE-2020-7557

Ô½½ç¶ÁÈ¡

7.8

¸ßΣ

Sensormatic   Electronics

American   Dynamics victor Web ¿Í»§¶ËºÍ Software House   C?CURE Web ¿Í»§¶Ë

CVE-2020-9049

ÊÚȨ²»µ±

7.1

¸ßΣ

 

Ó°ÏìÁìÓò£º

Real Time Automation

ENIP 2.28֮ǰµÄËùÓа汾¡£

²Î¿¼Á´½Ó£º

https://us-cert.cisa.gov/ics/advisories/icsa-20-324-03


Paradox

Paradox IP150¹Ì¼þ°æ±¾5.02.09¡£

²Î¿¼Á´½Ó£º

https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02


Sensormatic Electronics

victor Web¿Í»§¶ËµÍÓÚv5.6µÄËùÓа汾¡£

C?CURE Web¿Í»§¶ËµÄËùÓа汾£¬×î¸ßÔ̺¬v2.90¡£

²Î¿¼Á´½Ó£º

https://us-cert.cisa.gov/ics/advisories/icsa-20-324-01


Schneider Electric

IGSS½ç˵£¨Def.exe£©°æ±¾14.0.0.20247¼°Ö®Ç°µÄ°æ±¾¡£

²Î¿¼Á´½Ó£º

https://us-cert.cisa.gov/ics/advisories/icsa-20-324-04

 

²¿ÃÅÑϳÁ·ì϶ÈçÏ£º

RTA ENIP»ùÓÚ²Ö¿âµÄ»º³åÇøÒç¶Âí½Å£¨CVE-2020-25159£©

¸Ã·ì϶´æÔÚÓÚRTAµÄENIP²Ö¿âÖУ¬¹¥»÷ÕßÄܹ»·¢ËͶñÒâÊý¾Ý°üÀ´ÀûÓô˷ì϶£¬×îÖÕµ¼Ö»º³åÇøÒç³ö¡£³É¹¦ÀûÓô˷ì϶µÄ¹¥»÷Õß¿ÉÔì³É»Ø¾ø·þÎñ»ò´úÂëÖ´ÐС£

·ì϶ÏêÇéÈçÏ£º

https://www.claroty.com/2020/11/17/blog-research-rta-enip-stack-vulnerability/


Paradox IP150»ùÓÚ²Ö¿âµÄ»º³åÇøÒç¶Âí½Å£¨CVE-2020-25189£©

¸Ã·ì϶´æÔÚÓÚParadox IP150ÖУ¬¹¥»÷ÕßÄܹ»ÀûÓô˷ì϶½øÐлº³åÇøÒç³ö¹¥»÷£¬×îÖտɵ¼ÖÂÔ¶³ÌÖ´ÐÐËÁÒâ´úÂë¡£

·ì϶ÏêÇéÈçÏ£º

https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02

 

0x02 ´ëÖý¨Òé

Ä¿Ç°Óйع«Ë¾ºÍ³§ÉÌÒѾ­°ä²¼Á˸üа汾»ººÍ½â´ëÊ©£¬½¨Òé²Î¿¼°²È«²¼¸æʵʱ½¨¸´¡£


0x03 ²Î¿¼Á´½Ó

https://threatpost.com/ics-vendors-warn-critical-bugs/161333/

https://www.rtautomation.com/rtas-blog/secure-ethernet-ip-devices/

 

0x04 ¹¦·òÏß

2020-11-17  CISA°ä²¼°²È«²¼¸æ

2020-11-18  VSRC°ä²¼°²È«¹«¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/



image.png