LOYTEC Fixes Router Vulnerability
Tuesday, December 8, 2015 @ 05:12 PM gHale
LOYTEC produced a firmware update to mitigate a password file vulnerability in its LIP-3ECTB routers, according to a report on ICS-CERT.
This vulnerability, discovered by Independent researcher Maxim Rupp, is remotely exploitable.
The following LOYTEC routers suffer from the issue:
• LIP-3ECTB Version 6.0.1
A backup file containing hashes of users’ passwords can end up downloaded.
LOYTEC’s headquarters is in Germany and the company has distributors in the U.S. and France.
The affected product, LIP-3ECTB, is an IP network router device. This router sees action in the critical manufacturing and energy sectors. LOYTEC sees use on a global basis.
A backup file can end up downloaded that contains the hash for users’ passwords.
CVE-2015-7906 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.1.
No known public exploits specifically target this vulnerability. Crafting a working exploit for this vulnerability would not be difficult. An attacker with a low skill would be able to exploit this vulnerability.
LOYTEC has released a firmware update, V6.02, for these routers. LOYTEC recommends customers update to the new firmware update, V6.02.