Cyble’s latest ICS vulnerabilities report discloses nine critical vulnerabilities in products, including Dover Fueling Solutions, goTenna, OMNTEC, and Atelmo.

This week’s Cyble ICS vulnerability report includes critical vulnerabilities like CVE-2024-39332 in Siemens, CVE-2024-9834 in Baxter Life2000 Ventilation System, and CVE-2024-45490 in Subnet Solutions that need urgent patching.

Overview

Cyble Research & Intelligence Labs (CRIL) has analyzed key Industrial Control System (ICS) vulnerabilities reported by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) for the week spanning November 12–18, 2024. It covers vulnerabilities across products from Siemens, Baxter, Subnet Solutions, and others, urging organizations to prioritize patching to mitigate risks.

This week, 21 ICS security advisories disclosed 129 vulnerabilities affecting multiple vendors.

The healthcare sector remains particularly vulnerable, with Baxter’s Life2000 ventilation systems spotlighted due to their potential to compromise patient safety.

Meanwhile, critical manufacturing continues to dominate in terms of affected infrastructure, accounting for 75.2% of reported vulnerabilities.

The Week’s Top ICS Vulnerabilities

Key vulnerabilities identified in this report include:

1. CVE-2024-45490 (Subnet Solutions):
   • Product: PowerSYSTEM Center PSC 2020
   • Impacted Versions: v5.22.x and prior
   • Severity: Critical
   • Issue: Improper XML External Entity Reference
   • Impact: Affects SCADA, DCS, and BMS systems
2. CVE-2024-9834 (Baxter):
   • Product: Life2000 Ventilation System (v06.08.00.00 and prior)
   • Severity: Critical
   • Issue: Cleartext Transmission of Sensitive Information
3. CVE-2024-39332 (Siemens):
   • Product: SINEC INS
   • Impacted Versions: versions prior to V1.0 SP2 Update 3
   • Severity: Critical
   • Issue: Improper Input Validation
4. CVE-2024-41153 (Hitachi Energy):
   • Product: TRO600 series firmware
   • Impacted Versions: v9.0.1.0 to 9.2.0.0
   • Severity: High
   • Issue: Command Injection

For the complete list of vulnerabilities and their respective mitigations, subscribe to Cyble’s AI-powered threat intelligence product suite!

Recommendations

To address these vulnerabilities and reduce exploitation risks, CRIL recommends:

• Patch Management: Organizations should develop and implement a comprehensive patch strategy, including inventory, assessment, testing, and deployment. Leverage automation to enhance efficiency.
• Network Segmentation: Limit attackers’ lateral movement and exposure by implementing robust segmentation practices.
• Threat Intelligence Monitoring: Continuously track vulnerabilities listed in CISA’s KEV catalog to detect and mitigate actively exploited issues.
• Physical Security: Protect devices and networks through physical barriers to deter unauthorized access.
• Incident Response Planning: Maintain a tested and updated plan to respond effectively to cybersecurity incidents.
• Staff Training: Regularly educate employees on recognizing phishing attempts, proper authentication practices, and adhering to security protocols.

Conclusion

This week’s ICS vulnerability report showcases the growing threats to critical infrastructure, particularly in manufacturing and healthcare. Organizations must prioritize resilience through prompt patching, enhanced monitoring, and proactive cybersecurity strategies to mitigate the risks posed by these vulnerabilities.

With the ICS landscape continually evolving, staying ahead of threat actors is essential to safeguarding vital operations and ensuring system integrity.

Related