An In-Depth Look at ICS Vulnerabilities Part 3

The items on this chart are showing what percentages of ICS-affecting vulnerabilities identified by 2021 advisories are caused by what kind of weaknesses – “flaws, faults, bugs, or other errors” – in coding.

Nine percent was caused by CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer, while CWE-787 Out-of-Bounds Write affected 8.3%.

Additionally, 6.7% was caused by CWE-20 Improper Input Validation and 4.8% was due to CWE-79 Improper Neutralization of Input During Web Page Generation.

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor affected 4.7%. CWE-125 Out-of-Bounds Read also affected 4.7%, while other weaknesses amounted to 61.9%

These CWE statistics show that many ICS vulnerabilities are related to or result from insecure coding. This reflects that vendors or programmers are not comprehensively checking their code before its release, and this will represent a challenge going forward.

From the development side, the steadily climbing and sometimes rapidly increasing numbers of vulnerabilities and the pattern of weakness prevalence from year to year suggest to our researchers that trends in developer security have not changed much over time.

Our analysis of CVEs identified in ICS-CERT advisories as affecting ICS environments shows that larger and larger numbers of these vulnerabilities are discovered every year.

The fast-increasing number of vulnerabilities that can be used to attack work sites has created challenges for the current methods of tracking and addressing emergent vulnerabilities. This is further complicated by issues such as the unpredictable timeline for information availability – organizations cannot rely on vendors, researchers, or anyone organization to keep work environments safe from threats.

Cybercriminals can cause major damage and loss by compromising ICS operations. This can lead to shutdowns, equipment damage, and health and safety risks. ICS attacks can also result in loss of financial assets, reputation, intellectual property, and competitive advantage.

With Trend Micro, you have visibility into threats affecting ICS/OT through IT and CT, plus enhanced detection and response.

To learn more about our ICS cybersecurity solutions, click here.

Read More HERE