ICS Communications: Frail Security in Protocols
A category in the Common Weakness Enumeration published by The MITRE Corporation.
Summary
Categories in the Common Weakness Enumeration (CWE) group entries based on some common characteristic or attribute.
Weaknesses in this category are related to the "Frail Security in Protocols" category from the SEI ETF "Categories of Security Vulnerabilities in ICS" as published in March 2022: "Vulnerabilities arise as a result of mis-implementation or incomplete implementation of security in ICS implementations of communication protocols." Note: members of this category include "Nearest IT Neighbor" recommendations from the report, as well as suggestions by the CWE team. These relationships are likely to change in future CWE versions.
Weaknesses
- The product, when processing trusted data, accepts any untrusted data that is also included with the trusted data, treating the untrusted data as if it were trusted.
- This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
- The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
- The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
- The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a ...
- The System-On-a-Chip (SoC) does not properly isolate shared resources between trusted and untrusted agents.
- The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
- The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or tech...
- During installation, installed file permissions are set to allow anyone to modify those files.
- The product does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the f...
- Creating and using insecure temporary files can leave application and system data vulnerable to attack.
- The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
- The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.
- The product does not encrypt sensitive or critical information before storage or transmission.
- Hardware structures shared across execution contexts (e.g., caches and branch predictors) can violate the expected architecture isolation between contexts.
- The product reads data past the end, or before the beginning, of the intended buffer.
- The product writes data past the end, or before the beginning, of the intended buffer.
- A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc.
- A Pseudo-Random Number Generator (PRNG) is initialized from a predictable seed, such as the process ID or system time.
- Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that...
- A Pseudo-Random Number Generator (PRNG) uses the same seed each time the product is initialized.
- Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal au...
- A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter ...
- The product uses a broken or risky cryptographic algorithm or protocol.
- The product uses default passwords for potentially critical functionality.
- The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
Concepts
CWE entries in this view (graph) are associated with the Categories of Security Vulnerabilities in ICS, as published by the Securing Energy Infrastructure Executive Ta...
See Also
- Transport Layer Security
Wikipedia
- Categories of Security Vulnerabilities in ICS
Securing Energy Infrastructure Executive Task Force (SEI ETF)
Common Weakness Enumeration content on this website is copyright of The MITRE Corporation unless otherwise specified. Use of the Common Weakness Enumeration and the associated references on this website are subject to the Terms of Use as specified by The MITRE Corporation.