GE Mitigates Relay Vulnerabilities

Friday, February 16, 2018 @ 03:02 PM gHale

GE created new firmware to mitigate a stack-based buffer overflow vulnerability and an improper restriction of operations within the bounds of a memory buffer vulnerability in its D60 Line Distance Relay, according to a report with ICS-CERT.

D60 devices running firmware Version 7.11 and prior suffer from the remotely exploitable vulnerabilities, discovered by Kirill Nesterov of Kaspersky Labs.

Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code on the device.

No known exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

Multiple stack-based buffer overflow vulnerabilities have been identified, which may allow remote code execution.

CVE-2018-5475 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

In addition, the SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute arbitrary code on the device.

CVE-2018-5473 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

The product sees use mainly in the energy sector and is deployed on a global basis.

GE released firmware that addresses the vulnerabilities.

Authentication will be required to download the firmware.
