Belden Updates Fixes for GECKO

Wednesday, April 19, 2017 @ 04:04 PM gHale


Belden updated a software version to mitigate path traversal, server-side request forgery, cross-site request forgery, and information exposure vulnerabilities on its Hirschmann GECKO switches, according to a report with ICS-CERT.

The vulnerabilities, discovered by Davy Douhine of RandoriSec, are remotely exploitable.
Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions suffer from the issues.


Successful exploitation of these vulnerabilities may allow a remote attacker to access a copy of the configuration file of an affected device without authenticating, exposing sensitive information.

After an administrator downloads a configuration file, a copy of that file, which includes hashes of user passwords, is saved to a location accessible without authentication.

CVE-2017-5163 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.

In the server-side request forgery vulnerability, a web server receives a request, but does not sufficiently verify the request is being sent to the expected destination.

CVE-2017-6036 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.

In the cross-site request forgery issue, the web application does not sufficiently verify that requests were provided by the user who submitted the request.

CVE-2017-6038 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.1.

In the information exposure issue, non-sensitive information can be obtained anonymously.

CVE-2017-6040 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

The product is deployed in multiple sectors on a global basis.

No known public exploits specifically target these vulnerabilities. An attacker would need a high skill level to exploit them.

To address the vulnerabilities, Belden released a new software version, Version 02.0.01.

St. Louis, Mo-based Belden recommends users update to the newest software version. As an interim compensating control, Belden said users can reboot affected devices after each configuration download, preventing the vulnerable state.

For additional information, please review Belden’s security bulletins, BSECV-2016-5 and BSECV-2017-7.


