An In-Depth Look at ICS Vulnerabilities Part 3

Trend Micro -

The items on this chart are showing what percentages of ICS-affecting vulnerabilities identified by 2021 advisories are caused by what kind of weaknesses – “flaws, faults, bugs, or other errors” – in coding.

Nine percent was caused by CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer, while CWE-787 Out-of-Bounds Write affected 8.3%.

Additionally, 6.7% was caused by CWE-20 Improper Input Validation and 4.8% was due to CWE-79 Improper Neutralization of Input During Web Page Generation.

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor affected 4.7%. CWE-125 Out-of-Bounds Read also affected 4.7%, while other weaknesses amounted to 61.9%

These CWE statistics show that many ICS vulnerabilities are related to or result from insecure coding. This reflects that vendors or programmers are not comprehensively checking their code before its release, and this will represent a challenge going forward.

From the development side, the steadily climbing and sometimes rapidly increasing numbers of vulnerabilities and the pattern of weakness prevalence from year to year suggest to our researchers that trends in developer security have not changed much over time.

Our analysis of CVEs identified in ICS-CERT advisories as affecting ICS environments shows that larger and larger numbers of these

Read More: