Hole in LAVA Ether-Serial Link

Wednesday, October 11, 2017 @ 02:10 PM gHale


There is an authentication bypass by spoofing vulnerability in the LAVA Computer MFG Inc. ether-serial link (ESL), according to a report from ICS-CERT.

All ESLs running firmware versions 6.01.00/29.03.2007 and prior versions suffer from the vulnerability, discovered by Maxim Rupp.

Successful exploitation of this vulnerability could allow an attacker to spoof the IP address of an authenticated user, assume the authenticated user’s identity, and gain privileges or access to the system.

Ontario, Canada-based LAVA Computer MFG Inc. has not responded to requests to work with ICS-CERT to mitigate this vulnerability.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill level could leverage this vulnerability, which is not remotely exploitable.

An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass authentication by accessing a specific uniform resource locator.
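A minimal model of this class of weakness, where authentication state is tied to the source IP address rather than to a per-login secret, shown next to a token-based alternative. This is an added example, not LAVA firmware code or material from the ICS-CERT report; the class names, password and address are constructed.

```python
import hmac
import secrets


def _pw_ok(given, expected):
    return hmac.compare_digest(given.encode(), expected.encode())


class IpKeyedAuth:
    """Weak model: a successful login marks the source IP as authenticated."""

    def __init__(self, password):
        self._password = password
        self._authed_ips = set()

    def login(self, src_ip, password):
        if _pw_ok(password, self._password):
            self._authed_ips.add(src_ip)
            return True
        return False

    def is_authorized(self, src_ip, token=None):
        # Identity is inferred from the address alone, so every client that
        # presents this IP (shared NAT, reused lease, spoofed address) passes.
        return src_ip in self._authed_ips


class TokenSessionAuth:
    """Hardened model: each login is bound to an unguessable session token."""

    def __init__(self, password):
        self._password = password
        self._sessions = {}  # token -> source IP recorded at login

    def login(self, src_ip, password):
        if not _pw_ok(password, self._password):
            return None
        token = secrets.token_urlsafe(32)
        self._sessions[token] = src_ip
        return token

    def is_authorized(self, src_ip, token=None):
        # The token is required; the IP is only an additional consistency check.
        return token is not None and self._sessions.get(token) == src_ip


def second_client_authorized(auth, ip="192.0.2.10", pw="constructed-pw"):
    """Operator logs in from `ip`; another client on that IP sends no credentials."""
    auth.login(ip, pw)
    return auth.is_authorized(ip)
```

With the IP-keyed model the second client is accepted without ever supplying a password; with the token model it is rejected because it cannot present the session token.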

CVE-2017-14003 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.1.

The product is used in the commercial facilities and critical manufacturing sectors and is deployed worldwide.


