A group of security researchers uncovered and identified up to 17 vulnerabilities in an industrial router model series designed to provide multifunctional protection within industrial control systems (ICS), such as pumping and treatment, DCS, and PLC/SCADA in the water, oil and energy, and automated manufacturing sectors. The vulnerabilities reportedly include high-severity command injection and denial-of-service (DoS) flaws, as well as medium-severity weaknesses related to password storage and encryption.
The Moxa EDR-810 Series router is described as protecting critical facilities while maintaining fast transmission of data, featuring redundancy protection measures including industrial firewall, NAT, VPN, and L2 switching structures. While the firmware flaws also affect earlier versions of the product, injections and weak password encryption are common weaknesses in ICS and supervisory control and data acquisition (SCADA) systems, especially as threat actors consistently try to exploit common vulnerabilities found in Human Machine Interfaces (HMIs).
Problems with the identified ICS routers were discovered in November 2017, with vulnerabilities that allowed an attacker to escalate privileges through a specially crafted HTTP POST, thereby gaining access to the root shell and enabling control of the targeted device (CVE-2017-12120, CVE-2017-12121, CVE-2017-12125, CVE-2017-14432 to 14434). Attackers could also exploit DoS flaws in the web server and Service Agent by sending specially crafted HTTP URIs, or specially crafted traffic to TCP ports of 4000 or higher (CVE-2017-14435 to 14437, CVE-2017-12124, CVE-2017-14438 to 14439). Medium-severity vulnerabilities were related to weak encryption and storage of passwords, as well as exploitable cross-site request forgery (CSRF) to execute malicious code for device reconfiguration (CVE-2017-12123, CVE-2017-12126, CVE-2017-12127, CVE-2017-12129).
While flaws like these surface through security research and inspections, the same vulnerabilities can be exploited by threat actors, as was the case with Stuxnet and the Ukrainian power grid attack. ICS and SCADA systems are at the heart of countries’ vital infrastructures, such as power and water generation and distribution, communication expanse, and civil defense systems, to name a few. A study conducted and published by Trend Micro ZDI researchers found a number of reasons why vendors overlook uploading updates for their clients. Ultimately, ICSs must be protected from compromise, as they are the central hubs for managing major infrastructure. Some things that can be done to protect Industrial Control Systems: