Critical infrastructure asset owners/operators are learning which vendors are affected by the cache side-channel attacks known as Meltdown and Spectre, according to a report from ICS-CERT.
Exploitation of these vulnerabilities, tracked as CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754, may allow unauthorized disclosure of information.
The following product vendors reported they support products that use affected CPUs and have issued customer notifications with recommendations for users:
• Becton, Dickinson and Company (BD)
• Rockwell Automation (account required for login)
ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to taking defensive measures.
ICS-CERT also provides a control systems recommended practices page on its web site. Several recommended practices are available for reading or download, including "Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies."
Organizations that observe any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.