Controller Vulnerabilities Mitigated
Friday, May 20, 2016 @ 05:05 PM gHale
Resource Data Management created a new version to mitigate privilege escalation vulnerability and a cross-site request forgery (CSRF) vulnerability in its Intuitive 650 TDB Controller, according to a report on ICS-CERT.
These vulnerabilities, discovered by independent researcher Maxim Rupp, are remotely exploitable.
Intuitive 650 TDB Controller Version 2.1 and earlier suffers from the issue.
Privilege escalation allows an attacker to gain elevated access to resources normally protected from an application or user. This includes altering logs and parameters.
A CSRF attack may allow the web browser to perform an unwanted action on a trusted site for which the user is currently authenticated.
Resource Data Management is a U.S.-based company that maintains offices in several countries around the world, including the UK and Asia.
The affected product, Intuitive 650 TDB Controller, is a network communication connection device. According to Resource Data Management, Intuitive 650 TDB Controller works across several sectors including commercial facilities, critical manufacturing, and healthcare and public health. These products see use primarily in the United States, United Kingdom, and Asia.
In terms of privilege escalation, a valid user can change the password for any other user, including administrators, to increase their privileges on the system.
CVE-2016-4505 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.
A CSRF attack occurs when a malicious program causes a web browser to perform an unwanted action on a trusted site for which the user has authentication.
CVE-2016-4506 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.
No known public exploits specifically target these vulnerabilities. However, an attacker with a low skill would be able to exploit these vulnerabilities.
Resource Data Management developed RDM TDB Control Editor 2 (v2.1.24) that fixes both these vulnerabilities.
Users can click here to download Version 2.1.24.