Industrial switches provided by several vendors are affected by the same vulnerabilities due to the fact that they share firmware made by Taiwan-based industrial networking solutions provider Korenix Technology.
The vulnerabilities were discovered by Austria-based cybersecurity consultancy SEC Consult. The Atos-owned company has been trying to get the security holes fixed since mid-April 2020, but it took nearly one year for Korenix to release patches.
The firmware developed by Korenix for its JetNet industrial switches is also used by Westermo for PMI-110-F2G and Pepperl+Fuchs for Comtrol RocketLinx industrial switches. Both Korenix and Westermo are owned by Beijer Electronics Group. SEC Consult says devices made by these companies share a “partially similar firmware base” and they are affected by the same vulnerabilities.
SEC Consult discovered five types of vulnerabilities that have been assigned critical and high severity ratings. These include unauthenticated device administration, backdoor account, cross-site request forgery (CSRF), authenticated command injection, and TFTP file read/write issues.
An attacker with network access to the targeted device can make unauthorized changes to its configuration, cause it to enter a DoS condition, and obtain sensitive information. The vulnerabilities can be exploited to take complete control of a device.
Impacted devices are used in the heavy industry, transportation, automation, power and energy, surveillance, and other sectors. According to Thomas Weber, the SEC Consult researcher who discovered the vulnerabilities, the switches are used in key positions within the network and an attacker could exploit the vulnerabilities to cut off the network connection to attached systems.
Weber said he only saw a handful of impacted devices being exposed to the internet. The CSRF flaws can in theory be used to launch attacks directly from the internet, but the researcher pointed out ..
Support the originator by clicking the read the rest link below.
