The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution.
All OpENer commits and versions prior to February 10, 2021, are affected, although there are no known public exploits that specifically target these vulnerabilities.
The four security flaws were discovered and reported to CISA by researchers Tal Keren and Sharon Brizinov from operational technology security company Claroty. In addition, a fifth security issue discovered by Claroty was previously disclosed by Cisco Talos (CVE-2020-13556) on December 2, 2020.
“An attacker would only need to send crafted ENIP/CIP packets to the device in order to exploit these vulnerabilities,” the researchers said.
CVE-2020-13556 concerns an out-of-bounds write vulnerability in the EtherNet/IP server that could potentially allow an attacker to send a sequence of specially crafted network requests to trigger remote code execution. It is rated 9.8 out of 10 in severity.
The four other flaws, disclosed to EIPStackGroup, the maintainers of the OpENer stack, in October 2020, are as follows:
- CVE-2021-27478 (CVSS score: 8.2) – A bug in the way Common Industrial Protocol (CIP) requests are handled, leading to a DoS condition
- CVE-2021-27482 (CVSS score: 7.5) – An out-of-bounds read flaw that leverages specially crafted packets to read arbitrary data from memory
- CVE-2021-27500 and CVE-2021-27498 (CVSS scores: 7.5) – Two reachable assertion vulnerabilities that could be exploited to cause a DoS condition
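All four flaws, and the Talos one, are reached by crafted ENIP/CIP packets whose length fields disagree with what was actually received. The defensive counterpart is a parser that cross-checks every declared length against the bytes on hand before anything reads from the buffer. The block below is an added example, not OpENer's or Claroty's code: it validates the 24-byte EtherNet/IP encapsulation header and the Common Packet Format item list carried by a SendRRData request, following the public ENIP layout, and rejects any frame whose declared lengths overrun the data. The sample frames are constructed for this example, not captured traffic.

```python
import struct

# EtherNet/IP encapsulation header (24 bytes, little-endian), per the public
# ENIP specification: command, length, session handle, status,
# sender context (8 bytes), options.
ENIP_HEADER = struct.Struct("<HHIIQI")
ENIP_HEADER_LEN = ENIP_HEADER.size  # 24

# Encapsulation command codes used by the constructed samples below.
CMD_REGISTER_SESSION = 0x0065
CMD_SEND_RR_DATA = 0x006F

# Common Packet Format item type ids used below.
CPF_NULL_ADDRESS = 0x0000
CPF_UNCONNECTED_DATA = 0x00B2


class EnipValidationError(ValueError):
    """Raised when a frame is malformed or its length fields disagree."""


def parse_enip_header(frame: bytes) -> dict:
    """Parse the encapsulation header and require its length field to equal
    the number of payload bytes actually received, so a crafted length can
    never drive a later read past the end of the buffer."""
    if len(frame) < ENIP_HEADER_LEN:
        raise EnipValidationError(
            f"frame too short for header: {len(frame)} < {ENIP_HEADER_LEN}")
    command, length, session, status, context, options = ENIP_HEADER.unpack_from(frame, 0)
    payload = frame[ENIP_HEADER_LEN:]
    if length != len(payload):
        raise EnipValidationError(
            f"declared payload length {length} != received {len(payload)}")
    return {"command": command, "session": session, "status": status,
            "context": context, "options": options, "payload": payload}


def parse_cpf_items(payload: bytes) -> list:
    """Walk the CPF item list inside a SendRRData payload (interface handle,
    timeout, item count, then type/length/data items), rejecting any item
    whose declared length runs past the buffer."""
    if len(payload) < 8:
        raise EnipValidationError("SendRRData payload shorter than its fixed fields")
    _interface_handle, _timeout, item_count = struct.unpack_from("<IHH", payload, 0)
    offset = 8
    items = []
    for i in range(item_count):
        if offset + 4 > len(payload):
            raise EnipValidationError(f"item {i}: header runs past end of payload")
        type_id, item_len = struct.unpack_from("<HH", payload, offset)
        offset += 4
        if offset + item_len > len(payload):
            raise EnipValidationError(
                f"item {i}: declared length {item_len} overruns payload")
        items.append((type_id, payload[offset:offset + item_len]))
        offset += item_len
    if offset != len(payload):
        raise EnipValidationError("trailing bytes after last CPF item")
    return items


def is_well_formed(frame: bytes) -> bool:
    """True only if every length field in the frame is consistent."""
    try:
        header = parse_enip_header(frame)
        if header["command"] == CMD_SEND_RR_DATA:
            parse_cpf_items(header["payload"])
        return True
    except EnipValidationError:
        return False


def build_frame(command: int, payload: bytes, session: int = 0) -> bytes:
    """Assemble a consistent frame: header length field matches the payload."""
    return ENIP_HEADER.pack(command, len(payload), session, 0, 0, 0) + payload


# Constructed sample frames (not captured traffic).
GOOD_REGISTER = build_frame(CMD_REGISTER_SESSION, b"\x01\x00\x00\x00")
# Header claims 4096 payload bytes, but only 4 follow.
BAD_LENGTH = ENIP_HEADER.pack(CMD_REGISTER_SESSION, 4096, 0, 0, 0, 0) + b"\x01\x00\x00\x00"
# Two CPF items: null address item, then a 2-byte unconnected data item.
_cpf_ok = (struct.pack("<IHH", 0, 0, 2)
           + struct.pack("<HH", CPF_NULL_ADDRESS, 0)
           + struct.pack("<HH", CPF_UNCONNECTED_DATA, 2) + b"\x0e\x00")
GOOD_CPF = build_frame(CMD_SEND_RR_DATA, _cpf_ok)
# Same layout, but the data item declares 500 bytes where only 2 exist.
_cpf_bad = (struct.pack("<IHH", 0, 0, 2)
            + struct.pack("<HH", CPF_NULL_ADDRESS, 0)
            + struct.pack("<HH", CPF_UNCONNECTED_DATA, 500) + b"\x0e\x00")
BAD_CPF = build_frame(CMD_SEND_RR_DATA, _cpf_bad)

if __name__ == "__main__":
    for name, frame in [("GOOD_REGISTER", GOOD_REGISTER), ("GOOD_CPF", GOOD_CPF),
                        ("BAD_LENGTH", BAD_LENGTH), ("BAD_CPF", BAD_CPF)]:
        print(name, "accepted" if is_well_formed(frame) else "rejected")
```

The same pattern applies one level down, inside the CIP request that the unconnected data item carries: every length or count read from the wire is checked against the remaining bytes before it is used as an index, and a mismatch drops the frame instead of asserting or reading past the buffer.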
Vendors using the OpENer stack are recommended to update to the latest version while also taking protective measures to minimize network exposure of all control system devices to the internet, erect firewall barriers, and isolate them from the business network.
This is far from the first time security issues have been unearthed in EtherNet/IP stacks. Last November, Claroty researchers disclosed a critical vulnerability in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could open up industrial control systems to remote attacks by adversaries.
Some parts of this article are sourced from:
thehackernews.com