Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Vulnerabilities & Exploits » Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

https://firewall.firm.in/wp-content/uploads/2024/10/hackers.png

Oct 09, 2024Ravie LakshmananIndustrial Security / Critical Infrastructure

Industrial MMS Protocol Libraries

Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments.

“The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution,” Claroty researchers Mashav Sapir and Vera Mens said in a new analysis.

MMS is an OSI application layer messaging protocol that enables remote control and monitoring of industrial devices by exchanging supervisory control information in an application-agnostic manner.

Specifically, it allows for communication between intelligent electronic devices (IEDs) and supervisory control and data acquisition (SCADA) systems or programmable logic controllers (PLCs).

Cybersecurity

The five shortcomings identified by the operational technology security company impact MZ Automation’s libIEC61850 library and Triangle MicroWorks’ TMW IEC 61850 library, and were patched in September and October 2022 following responsible disclosure –

  • CVE-2022-2970 (CVSS score: 10.0) – A stack-based buffer overflow vulnerability in libIEC61850 that could lead to a crash or remote code execution
  • CVE-2022-2971 (CVSS score: 8.6) – A type confusion vulnerability in libIEC61850 that could allow an attacker to crash the server with a malicious payload
  • CVE-2022-2972 (CVSS score: 10.0) – A stack-based buffer overflow vulnerability in libIEC61850 that could lead to a crash or remote code execution
  • CVE-2022-2973 (CVSS score: 8.6) – A null pointer deference vulnerability that could allow an attacker to crash the server
  • CVE-2022-38138 (CVSS score:7.5) – An access of uninitialized pointer vulnerability that allows an attacker to cause a denial-of-service (DoS) condition

Claroty’s analysis also found that Siemens SIPROTEC 5 IED relied on an outdated version of SISCO’s MMS-EASE stack for MMS support, which is susceptible to a DoS condition via a specially crafted packet (CVE-2015-6574, CVSS score: 7.5).

The German company has since updated its firmware with an updated version of the protocol stack as of December 2022, according to an advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

The research highlights the “gap between modern technology’s security demands and the outdated, hard-to-replace protocols,” Claroty said, urging vendors to follow security guidelines issued by CISA.

The disclosure comes weeks after Nozomi Networks detailed two vulnerabilities in the reference implementation of Espressif’s ESP-NOW wireless protocol (CVE-2024-42483 and CVE-2024-42484) that could allow replay attacks and cause a DoS condition.

Cybersecurity

“Depending on the system being targeted, this vulnerability [CVE-2024-42483] can have profound consequences,” it said. “ESP-NOW is used in security systems such as building alarms, allowing them to communicate with motion sensors.”

“In such a scenario, an attacker could exploit this vulnerability to replay a previously intercepted legitimate ‘OFF’ command, thereby disabling a motion sensor at will.”

Alternatively, ESP-NOW’s use in remote door openers, such as automatic gates and garage doors, could be weaponized to intercept an “OPEN” command and replay it at a later time to gain unauthorized access to buildings.

Back in August, Nozomi Networks also shed light on a set of unpatched 37 vulnerabilities in the OpenFlow libfluid_msg parsing library, collectively dubbed FluidFaults, that an adversary could exploit to crash Software-Defined Networking (SDN) applications.

“An attacker with network visibility to an OpenFlow controller/forwarder can send a malicious OpenFlow network packet that leads to a denial-of-service (DoS) attack,” the company said.

In recent months, security flaws have also been uncovered in Beckhoff Automation’s TwinCAT/BSD operating system that could expose PLCs to logic tampering, DoS attacks, and even command execution with root privileges on the controller.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.


Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket