News on the cybersecurity of industrial facilities
American Water hit by a cyberattack
A cyberattack has hit "American Water Works", the largest water and wastewater utility company in the United States. The company, based in Camden, New Jersey, discovered unauthorized activity in its IT systems. It immediately shut down some of its IT systems and suspended billing for millions of customers until a solution is found. Details about the attack and the number of machines affected have not yet been disclosed.
Claroty survey: financial impact of cyberattacks
Claroty surveyed 1100 cybersecurity professionals on the financial impact of cyberattacks targeting cyber-physical systems (CPS) in critical infrastructure. The study shows significant financial losses due to ransomware, as well as challenges related to remote access and resilience against threats.
Directory of cybersecurity providers for the US healthcare sector
Exiger has been named the preferred cybersecurity provider by the American Hospital Association (AHA). The AHA Preferred Cybersecurity Provider (APCP) program was created to help hospitals and health systems prepare for, prevent and respond to cyber threats.
-----
Our latest publications
Review of the Known Exploited Vulnerabilities for September 2024
Why do we talk about industrial facilities at Fortress Cybersecurity?
Building your plan to protect industrial facilities against cyber threats: http://www.fortress-cybersecurity.fr/plan-cybersec-indus
-----
Vulnerability Corner
List of Known Exploited Vulnerabilities (KEV) published by the US cybersecurity agency CISA over the previous week:
CVE-2024-9380: Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability, https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381, https://nvd.nist.gov/vuln/detail/CVE-2024-9380
CVE-2024-9379: Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability, https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-CSA-Cloud-Services-Appliance-CVE-2024-9379-CVE-2024-9380-CVE-2024-9381, https://nvd.nist.gov/vuln/detail/CVE-2024-9379
CVE-2024-23113: Fortinet Multiple Products Format String Vulnerability, https://www.fortiguard.com/psirt/FG-IR-24-029, https://nvd.nist.gov/vuln/detail/CVE-2024-23113
CVE-2024-43573: Microsoft Windows MSHTML Platform Spoofing Vulnerability, https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43573, https://nvd.nist.gov/vuln/detail/CVE-2024-43573
CVE-2024-43572: Microsoft Windows Management Console Remote Code Execution Vulnerability, https://msrc.microsoft.com/update-guide/advisory/CVE-2024-43572, https://nvd.nist.gov/vuln/detail/CVE-2024-43572
CVE-2024-43047: Qualcomm Multiple Chipsets Use-After-Free Vulnerability, https://git.codelinaro.org/clo/la/platform/vendor/qcom/opensource/dsp-kernel/-/commit/0e27b6c7d2bd8d0453e4465ac2ca49a8f8c440e2, https://nvd.nist.gov/vuln/detail/CVE-2024-43047
Vulnerabilities in industrial system components:
Source: ICS Advisory Project dashboard https://lookerstudio.google.com/u/0/reporting/f0d99ae7-c75b-4fdd-9951-8ecada5aee5e/page/G1klC
34 x Siemens:
Products: SENTRON Powercenter 1000 (7KN1110-0MC00), JT2Go, HiMed Cockpit 12 pro (J31032-K2017-H259), Simcenter Nastran 2306, Siemens SINEC Security Monitor, Tecnomatix Plant Simulation V2302, SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0), PSS(R)SINCAL, SENTRON 7KM PAC3200, RUGGEDCOM APE1808LNX (6GK6015-0AL20-0GH0), ModelSim
21 x High
2 x Critical
9 x Medium
2 x Low
13 x Rockwell Automation:
Products: CompactLogix 5380, ControlLogix 5580, Verve Asset Manager, PowerFlex 6000T, DataMosaix Private Cloud
11 x High
1 x Critical
1 x Medium
5 x Delta Electronics:
Products: CNCSoft-G2
5 x High
2 x Schneider Electric:
Products: Zelio Soft 2
1 x High
1 x Low
Full list sorted by CVSSv3 score:
Vendor | Product | CVE | CVSSv3 Score | CVSSv3 Severity | CVSSv3 Vector | EPSS | PERCENTILE | CWE |
Siemens | Siemens SINEC Security Monitor | CVE-2024-47553 | 9.9 | CRITICAL | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C | 0.00043 | 0.09689 | CWE-88 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2019-9893 | 9.8 | CRITICAL | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02603 | 0.90512 | CWE-1357 |
Siemens | SENTRON 7KM PAC3200 | CVE-2024-41798 | 9.8 | CRITICAL | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-287 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2024-7953 | 8.8 | HIGH | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | | | CWE-862 |
Siemens | PSS(R)SINCAL | CVE-2024-45181 | 8.8 | HIGH | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | Siemens SINEC Security Monitor | CVE-2024-47562 | 8.8 | HIGH | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C | 0.00043 | 0.09689 | CWE-77 |
Rockwell Automation | CompactLogix 5380 | CVE-2024-8626 | 8.6 | HIGH | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H | 0.00043 | 0.09689 | CWE-400 |
Siemens | SENTRON Powercenter 1000 (7KN1110-0MC00) | CVE-2023-6874 | 8.6 | HIGH | AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H | 0.00046 | 0.17832 | CWE-754 |
Siemens | HiMed Cockpit 12 pro (J31032-K2017-H259) | CVE-2023-52952 | 8.5 | HIGH | AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H/E:P/RL:O/RC:C | 0.00043 | 0.09689 | CWE-424 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2019-17543 | 8.1 | HIGH | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.00765 | 0.81497 | CWE-787 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2024-7956 | 8.1 | HIGH | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N | | | CWE-863 |
Delta Electronics | CNCSoft-G2 | CVE-2024-47962 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-121 |
Delta Electronics | CNCSoft-G2 | CVE-2024-47963 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-787 |
Delta Electronics | CNCSoft-G2 | CVE-2024-47964 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-122 |
Delta Electronics | CNCSoft-G2 | CVE-2024-47965 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-125 |
Delta Electronics | CNCSoft-G2 | CVE-2024-47966 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-457 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2019-18276 | 7.8 | HIGH | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 0.00108 | 0.44442 | CWE-273 |
Schneider Electric | Zelio Soft 2 | CVE-2024-8422 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-416 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45463 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-125 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45464 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-125 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45465 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-125 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45466 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-125 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45467 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45468 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45469 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-787 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45470 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-787 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45471 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-787 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45472 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45473 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45474 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45475 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | JT2Go | CVE-2024-41902 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-121 |
Siemens | JT2Go | CVE-2024-37997 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-121 |
Siemens | Simcenter Nastran 2306 | CVE-2024-41981 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-122 |
Siemens | Simcenter Nastran 2306 | CVE-2024-47046 | 7.8 | HIGH | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-119 |
Rockwell Automation | ControlLogix 5580 | CVE-2024-6207 | 7.5 | HIGH | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | | | CWE-20 |
Rockwell Automation | PowerFlex 6000T | CVE-2024-9124 | 7.5 | HIGH | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.00043 | 0.09689 | CWE-754 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2019-14855 | 7.5 | HIGH | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.0023 | 0.6133 | CWE-326 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2019-19244 | 7.5 | HIGH | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.00118 | 0.46734 | CWE-1357 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2019-9923 | 7.5 | HIGH | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 0.01274 | 0.86007 | CWE-476 |
Rockwell Automation | DataMosaix Private Cloud | CVE-2024-7952 | 7.5 | HIGH | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | | | CWE-200 |
Rockwell Automation | Verve Asset Manager | CVE-2024-9412 | 6.8 | MEDIUM | AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-842 |
Siemens | ModelSim | CVE-2024-47194 | 6.7 | MEDIUM | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-427 |
Siemens | ModelSim | CVE-2024-47195 | 6.7 | MEDIUM | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-427 |
Siemens | ModelSim | CVE-2024-47196 | 6.7 | MEDIUM | AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H | 0.00043 | 0.09689 | CWE-427 |
Siemens | PSS(R)SINCAL | CVE-2024-45182 | 6.5 | MEDIUM | AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H | 0.00043 | 0.09689 | CWE-119 |
Siemens | RUGGEDCOM APE1808LNX (6GK6015-0AL20-0GH0) | CVE-2024-4465 | 6 | MEDIUM | AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L | 0.00044 | 0.14184 | CWE-863 |
Siemens | SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) | CVE-2024-46887 | 5.3 | MEDIUM | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C | 0.00043 | 0.09689 | CWE-288 |
Siemens | Siemens SINEC Security Monitor | CVE-2024-47563 | 5.3 | MEDIUM | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C | 0.00044 | 0.11216 | CWE-22 |
Siemens | SIMATIC Drive Controller CPU 1504D TF (6ES7615-4DF10-0AB0) | CVE-2024-46886 | 4.7 | MEDIUM | AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:P/RL:O/RC:C | 0.00061 | 0.26842 | CWE-601 |
Siemens | Siemens SINEC Security Monitor | CVE-2024-47565 | 4.3 | MEDIUM | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C | 0.00043 | 0.09689 | CWE-183 |
Schneider Electric | Zelio Soft 2 | CVE-2024-8518 | 3.3 | LOW | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 0.00043 | 0.09689 | CWE-20 |
Siemens | Tecnomatix Plant Simulation V2302 | CVE-2024-45476 | 3.3 | LOW | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 0.00043 | 0.09689 | CWE-476 |
Siemens | JT2Go | CVE-2024-37996 | 3.3 | LOW | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | 0.00043 | 0.09689 | CWE-476 |
-----
Fortress Cybersecurity news
7 November 2024: Industrial network segmentation
5 December 2024: Protecting new Industry 4.0 trends: security of private 5G networks
______________________________________
Contact us: contact@fortress-cybersecurity.fr