1 2 3 4 5 6 7 8 9 10
Third-Party-Whitepapers_Icon datasheet smart-tv white-papers videos tech-notes solution-briefs infographics case-studies brochures awards reviews podcasts guides

Forescout

Oct 23, 2020

OT Vulnerability and IoC Database October 2020

The monthly OT Vulnerability and IoC Database update provides new threat detection capabilities for SilentDefense, including information about new asset vulnerabilities (CVEs), and other Indicators of Compromise (e.g. blacklisted IPs, domains, etc.).

What’s new?

The October update includes the following content:

  • 76 new CVEs have been added
    • 10 for Cisco
    • 1 for Meinberg
    • 1 for Mitsubishi
    • 2 for Philips
    • 39 for QNAP
    • 6 for Rockwell
    • 1 for Sick
    • 16 for Siemens
  • 32 CVEs have been updated because of new information from the vendor
    • 17 for Schneider
    • 15 for Siemens
  • 28 CVE’s have their CVSS score updated
  • The URL’s for advisories of US-CERT (CISA) and Siemens have all been updated, because many older URL’s pointed to no longer existing sites (also moving from http://… to https://… where applicable).
  • The following new equipment is supported as of this month
    • QNAP NAS-stations
  • The following advisories have an update for their CVSS score
    • CVE-2017-6606 / 6615 / 6634 / 6664 / 16744 / 16748
    • CVE-2018-7082 / 7083 / 7838 / 11457 / 11458 / 11459 / 11460 / 11461 / 11462 / 11463 / 11464 / 11465 / 11466 / 13799 / 13808 / 13809 / 13810 / 13812 / 13813 / 13814
    • CVE-2020-7524 / 13828
  • 6 new IoCs have been added for
    • Malware related to Drovorub  (6 IP-addresses)

Supported Versions

This content update is supported by the following releases:

  • SilentDefense 3.13.0 and up

Requirements

The database update must be uploaded in the SilentDefense Command Center. This is a cumulative database update, and as such only the latest update is required to bring the SilentDefense CVE and IoC content up to date.

The CVE and IoC database includes information for vulnerabilities that can be detected when specific SD Scripts are running, for example the Host and Link Add-Ons SD Script. The additional detection and fingerprinting capabilities that SD Scripts can provide allow for more comprehensive vulnerability detection.

Availability

Download the module and related documentation from the Downloads / Resources section of the OT Customer portal, https://portal.secmatters.com/.

Back to Resources
Announcement Archive

Contact Us

Toll-Free (US): 1-866-377-8771
Tel (Intl): +1-408-213-3191
Support: +1-708-237-6591

Headquarters
190 W Tasman Dr.
San Jose, CA, USA 95134

Also of Interest