Monday, May 22, 2017

ICS-CERT Updates WannaCry Alert Again (#5)

For the fifth consecutive business day ICS-CERT has updated its WannaCry Alert that was originally published on May 15th, 2017. Today’s update includes:

• Updates of two previously issued Siemens Security Advisories (Imaging and Diagnostics Products; and (Laboratory Diagnostics Products);
• Adds a new Siemens Security Advisory (Ultrasound Products); and
• A link to a Honeywell Security Update.

I have not mentioned it to date because I have been expecting ICS-CERT or US-CERT to mention this in their alerts (they have not done so as of yet), but Siemens has been reporting since their first advisory publication that there are actually six vulnerabilities involved in the WannaCry malware. Those are:

• CVE-2017-0143 - Windows SMB Remote Code Execution Vulnerability (Input Validation);
• CVE-2017-0144 - Windows SMB Remote Code Execution Vulnerability (Input Validation);
• CVE-2017-0145 - Windows SMB Remote Code Execution Vulnerability (Input Validation);
• CVE-2017-0146 - Windows SMB Remote Code Execution Vulnerability (Input Validation);
• CVE-2017-0147 - Windows SMB Information Disclosure Vulnerability (Information Leak / Disclosure); and
• CVE-2017-0148 - Windows SMB Remote Code Execution Vulnerability (Input Validation)


I’m not sure that this really provides much in the way of actionable information. Both the Mitre CVD and NIST CVE listings for these CVE are dated from before the WannaCry outbreak. The Microsoft TechCenter reports for these CVE are also dated; still reporting that there have been no exploits of the vulnerabilities.

No comments:

 
/* Use this with templates/template-twocol.html */