The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial devices to denial-of-service (DoS) attacks, information leaks, and remote code execution.
All OpENer commits and versions prior to February 10, 2021, are affected, although there are no known public exploits that specifically target these vulnerabilities.
The four security flaws were discovered and reported to CISA by researchers Tal Keren and Sharon Brizinov of operational technology security company Claroty. Additionally, a fifth security issue identified by Claroty was previously disclosed by Cisco Talos (CVE-2020-13556) on December 2, 2020.
“An attacker would only need to send crafted ENIP/CIP packets to the device in order to exploit these vulnerabilities,” the researchers said.
CVE-2020-13556 concerns an out-of-bounds write vulnerability in the Ethernet/IP server that could potentially allow an attacker to send a series of specially-crafted network requests to trigger remote code execution. It is rated 9.8 out of 10 in severity.
The four other flaws disclosed to EIPStackGroup, the maintainers of the OpENer stack, in October 2020 are as follows —
- CVE-2021-27478 (CVSS rating: 8.2) – A bug in the way Common Industrial Protocol (CIP) requests are handled, leading to a DoS issue
- CVE-2021-27482 (CVSS rating: 7.5) – An out-of-bounds read flaw that leverages specially crafted packets to read arbitrary data from memory
- CVE-2021-27500 and CVE-2021-27498 (CVSS scores: 7.5) – Two reachable assertion vulnerabilities that could be exploited to result in a DoS condition
Vendors using the OpENer stack are advised to update to the latest version while also taking protective measures to limit network exposure of all control system devices to the internet, erect firewall boundaries, and isolate them from the business network.
This is far from the first time security issues have been unearthed in EtherNet/IP stacks. Last November, Claroty researchers revealed that a critical vulnerability uncovered in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack could open up industrial control systems to remote attacks by adversaries.