The US Cybersecurity and Infrastructure Security Agency (CISA) has published an Industrial Control System (ICS) Advisory, warning of an improper authentication vulnerability in all versions of the Kingspan TMS300 CS water tank management system. The remotely exploitable flaw “does not properly restrict access to endpoints,” and could allow an attacker to view and modify application settings. Kingspan has not responded to CISA inquiries.
Note
- This is not the sort of overflow attack you’re thinking of. Improper authentication is a recurring theme these days; many providers are working to remedy it once discovered. Hopefully the efforts aren’t swamping their team. Irrespective of the vulnerability remaining unmitigated, it’s still a good idea to make sure that you’re properly isolating these systems. Only allow connections from authorized devices and users, don’t expose them directly to the Internet, and require a VPN and possibly a bastion host before allowing a remote connection. Implement MFA at entry points to the system. Monitor connections for unexpected behavior.