Exclusive: Experts from TIM’s Red Team Research (RTR) found 6 zero-days

TIM’s Red Team Research led by Massimiliano Brolli discovered 6 new zero-day vulnerabilities in Schneider Electric StruxureWare.

Today, TIM’s Red Team Research led by Massimiliano Brolli, discovered 6 new vulnerabilities in the StruxureWare product. The flaws have been addressed by the manufacturer Schneider Electric, between April and November 2020.

Schneider Electric zero-days

Schneider Electric is a vendor specialized in energy and automation products, like ICS, SCADA and IoT products. StruxureWare Building Operation is a software integrated with physical devices for integrated monitoring, control, and management of energy, lighting, fire safety, and HVAC.

Below the list of vulnerabilities discovered by the TIM’s Red Team Research team:

CVE Vulnerability Severity
CVE-2020-7569: Upload of File with Dangerous Type 8.8
CVE-2020-7572 Improper Restriction of XML External Entity Reference 8.8
CVE-2020-28209 Windows Unquoted Search Path 7.0
CVE-2020-7570 Cross-Site Scripting Stored 5.4
CVE-2020-7571 Cross-Site Scripting Reflected 5.4
CVE-2020-7573 Improper Access Control 6.5

The issues were discovered during laboratory tests, promptly managed in a CVD (Coordinated Vulnerability Disclosure) process with the vendor.

The laboratory has been active for less than a year (based on the CVE recorded on the national Vulnerability Database), the experts also discovered unknown vulnerabilities in various products, including NOKIA, Wowza, Selesta, Flexera, Oracle and Siemens.

The research team has identified a total of 31 published CVEs, an average of one CVE every 11 days and this is the result of a great job that TIM is doing, especially in the Bug Hunting activities, where the Italian cybersecurity community should do much more.

The full list of CVEs discovered by the researchers is available at the TIM Corporate websites:

https://www.gruppotim.it/redteam

TIM is a leading Italian telco carrier, it is one of the few Italian industrial realities that dedicate an important effort in conducting research of undocumented vulnerabilities, for this reason, I suggest you follow them.

Pierluigi Paganini

(SecurityAffairs – hacking, Schneider Electric)

The post Exclusive: Experts from TIM’s Red Team Research (RTR) found 6 zero-days appeared first on Security Affairs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

MANY THANKS GO TO THE

Original Source