Recent CISA Alert Highlights Critical ICS Vulnerabilities: What Houston Energy, Utility & Manufacturing Businesses Need to Know
CISA’s December 3, 2024 advisory highlights eight critical vulnerabilities in industrial control systems, requiring immediate attention from organizations using affected devices from major manufacturers
Recent CISA Alert Highlights Critical ICS Vulnerabilities: What Houston Energy, Utility & Manufacturing Businesses Need to Know
On December 3, 2024, CISA (Cybersecurity and Infrastructure Security Agency) released eight industrial control system (ICS) security advisories affecting major vendors in the critical infrastructure space. These vulnerabilities impact multiple sectors including manufacturing, energy, communications, and information technology. Let’s break down each advisory and what it means for your organization.
Key Vulnerabilities and Their Impact
Ruijie Reyee OS (ICSA-24-338-01)
- Severity: Critical (CVSS v4 9.3)
- Affected versions: 2.206.x up to 2.320.x
- Impact: Near complete device control
- Key Vulnerabilities:
- Weak password recovery
- Information exposure
- Cross-site request forgery
- OS command injection
- Mitigation: Cloud-side fixes implemented, no end-user action required
Siemens RUGGEDCOM APE1808 (ICSA-24-338-02)
- Severity: Critical (CVSS v4 9.3)
- Impact: Unauthorized access to management interface and potential DoS
- Key Vulnerabilities:
- Missing authentication for critical functions
- NULL pointer dereference
- Path traversal
- OS command injection
- Mitigation: Contact Siemens customer support for patches
Open Automation Software (ICSA-24-338-03)
- Severity: High (CVSS v4 8.5)
- Affected versions: Prior to V20.00.0076
- Impact: Code execution with escalated privileges
- Key Vulnerability: Incorrect execution-assigned permissions
- Mitigation: Upgrade to V20.00.0076 or later
ICONICS/Mitsubishi Electric GENESIS64 (ICSA-24-338-04)
- Severity: High (CVSS v4 8.5)
- Impact: Remote code execution
- Key Vulnerabilities:
- Uncontrolled search path elements
- Dead code issues
- Mitigation: Update to version 10.97.3 and apply latest security patches
Fuji Electric Monitouch V-SFT (ICSA-24-338-05)
- Severity: High (CVSS v4 8.4)
- Affected versions: 6.2.3.0 and prior
- Impact: Device crash and code execution
- Key Vulnerability: Multiple out-of-bounds write issues
- Mitigation: Update planned for April 2025
Fuji Electric Tellus Lite V-Simulator (ICSA-24-338-06)
- Severity: High (CVSS v4 8.4)
- Impact: Device crash potential
- Key Vulnerability: Out-of-bounds write
- Mitigation: Update planned for May 2025
ETIC Telecom Remote Access Server (ICSA-22-307-01)
- Severity: Moderate (CVSS v4 6.3)
- Impact: Sensitive information exposure and device compromise
- Key Vulnerabilities:
- Data authenticity issues
- Path traversal
- Cross-site scripting
- Mitigation: Update to version 4.11.0 or later
ICONICS/Mitsubishi Electric Products Update (ICSA-24-184-03)
- Severity: High (CVSS v4 7.0)
- Impact: DoS and privilege management issues
- Key Vulnerabilities:
- Resource allocation problems
- Cryptographic signature verification issues
- Mitigation: Update to version 10.97.3
How CinchOps Can Assist
Our managed security services can assist with:
- Vulnerability assessment and monitoring
- Patch management and updates
- Network segmentation implementation
- 24/7 security monitoring
- Incident response planning
- ICS security best practices
- Compliance maintenance
The increasing complexity of ICS environments requires a proactive approach to security. By partnering with us, organizations can better protect their critical infrastructure while maintaining operational efficiency. Contact us today to learn how we can help secure your ICS environment against these and future vulnerabilities.
