Top ICS Vulnerabilities This Week: Siemens, Baxter, and Subnet Solutions

Cyble’s latest ICS vulnerabilities report discloses nine critical vulnerabilities in products, including Dover Fueling Solutions, goTenna, OMNTEC, and Atelmo.

November 22, 2024 · 2 min read

This week’s Cyble ICS vulnerability report includes critical vulnerabilities like CVE-2024-39332 in Siemens, CVE-2024-9834 in Baxter Life2000 Ventilation System, and CVE-2024-45490 in Subnet Solutions that need urgent patching.

Overview

Cyble Research & Intelligence Labs (CRIL) has analyzed key Industrial Control System (ICS) vulnerabilities reported by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) for the week spanning November 12–18, 2024. The report covers vulnerabilities across products from Siemens, Baxter, Subnet Solutions, and others, and urges organizations to prioritize patching to mitigate risks.

This week, 21 ICS security advisories disclosed 129 vulnerabilities affecting multiple vendors.

The healthcare sector remains particularly vulnerable, with Baxter’s Life2000 ventilation systems spotlighted due to their potential to compromise patient safety.

Meanwhile, critical manufacturing continues to dominate in terms of affected infrastructure, accounting for 75.2% of reported vulnerabilities.

The Week’s Top ICS Vulnerabilities

Key vulnerabilities identified in this report include:

  1. CVE-2024-45490 (Subnet Solutions):
    • Product: PowerSYSTEM Center PSC 2020
    • Impacted Versions: v5.22.x and prior
    • Severity: Critical
    • Issue: Improper XML External Entity Reference
    • Impact: Affects SCADA, DCS, and BMS systems
  2. CVE-2024-9834 (Baxter):
    • Product: Life2000 Ventilation System (v06.08.00.00 and prior)
    • Severity: Critical
    • Issue: Cleartext Transmission of Sensitive Information
  3. CVE-2024-39332 (Siemens):
    • Product: SINEC INS
    • Impacted Versions: versions prior to V1.0 SP2 Update 3
    • Severity: Critical
    • Issue: Improper Input Validation
  4. CVE-2024-41153 (Hitachi Energy):
    • Product: TRO600 series firmware
    • Impacted Versions: v9.0.1.0 to 9.2.0.0
    • Severity: High
    • Issue: Command Injection

For the complete list of vulnerabilities and their respective mitigations, subscribe to Cyble’s AI-powered threat intelligence product suite!

Recommendations

To address these vulnerabilities and reduce exploitation risks, CRIL recommends:

  • Patch Management: Organizations should develop and implement a comprehensive patch strategy, including inventory, assessment, testing, and deployment. Leverage automation to enhance efficiency.
  • Network Segmentation: Limit attackers’ lateral movement and exposure by implementing robust segmentation practices.
  • Threat Intelligence Monitoring: Continuously track vulnerabilities listed in CISA’s KEV catalog to detect and mitigate actively exploited issues.
  • Physical Security: Protect devices and networks through physical barriers to deter unauthorized access.
  • Incident Response Planning: Maintain a tested and updated plan to respond effectively to cybersecurity incidents.
  • Staff Training: Regularly educate employees on recognizing phishing attempts, proper authentication practices, and adhering to security protocols.
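
The inventory and assessment steps of patch management can be scripted against the affected versions listed under "The Week's Top ICS Vulnerabilities". The following is an added example, not code from Cyble or the vendors. Assumptions: the asset names and installed versions are constructed, products are matched by substring, and "V1.0 SP2 Update 3" is encoded as the tuple (1, 0, 2, 3).

```python
import re

# Affected ranges copied from the list above, as integer tuples.
# kind "upto" = the bound and prior; "below" = strictly prior to the bound.
ADVISORIES = [
    ("CVE-2024-45490", "PowerSYSTEM Center", None, (5, 22), "upto"),   # v5.22.x and prior
    ("CVE-2024-9834", "Life2000", None, (6, 8, 0, 0), "upto"),          # v06.08.00.00 and prior
    ("CVE-2024-39332", "SINEC INS", None, (1, 0, 2, 3), "below"),       # prior to V1.0 SP2 Update 3
    ("CVE-2024-41153", "TRO600", (9, 0, 1, 0), (9, 2, 0, 0), "upto"),   # v9.0.1.0 to 9.2.0.0
]

def parse_version(text):
    """'v5.22.3', '06.08.00.00', 'V1.0 SP2 Update 3' -> tuple of ints."""
    return tuple(int(n) for n in re.findall(r"\d+", text))

def is_affected(version, low, high, kind):
    """True/False, or None when the version string carries no number."""
    v = parse_version(version)
    if not v:
        return None  # unknown version: flag for manual review, never pass silently
    if low is not None and v < low:
        return False
    if kind == "below":
        return v < high
    # Compare only as many fields as the bound has, so 5.22.7 matches "5.22.x".
    return v[:len(high)] <= high

def triage(inventory):
    """Return (asset, cve, status) for every asset that is affected or unverified."""
    findings = []
    for asset, product, version in inventory:
        for cve, name, low, high, kind in ADVISORIES:
            if name.lower() in product.lower():
                verdict = is_affected(version, low, high, kind)
                if verdict is not False:
                    findings.append((asset, cve, "affected" if verdict else "review"))
    return findings

# Constructed sample inventory (asset names and versions are made up).
INVENTORY = [
    ("psc-01", "PowerSYSTEM Center PSC 2020", "v5.22.7"),
    ("vent-07", "Baxter Life2000 Ventilation System", "06.09.00.00"),
    ("ins-02", "Siemens SINEC INS", "V1.0 SP2 Update 2"),
    ("ins-03", "Siemens SINEC INS", "V1.0 SP2 Update 3"),
    ("rtr-11", "Hitachi Energy TRO600", "9.1.0.0"),
    ("rtr-12", "Hitachi Energy TRO600", "unknown"),
]

if __name__ == "__main__":
    for row in triage(INVENTORY):
        print(row)
```

Assets whose version cannot be parsed are reported as "review" rather than dropped, so an incomplete inventory does not read as a clean one.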

Conclusion

This week’s ICS vulnerability report showcases the growing threats to critical infrastructure, particularly in manufacturing and healthcare. Organizations must prioritize resilience through prompt patching, enhanced monitoring, and proactive cybersecurity strategies to mitigate the risks posed by these vulnerabilities.

With the ICS landscape continually evolving, staying ahead of threat actors is essential to safeguarding vital operations and ensuring system integrity.
