Rockwell Clears Multiple Stratix 5900 Issues

Tuesday, May 9, 2017 @ 03:05 PM gHale


Rockwell Automation released new firmware to mitigate a large number of vulnerabilities in its Stratix 5900, according to a report from ICS-CERT.

The service routers suffer from improper input validation, resource management errors, improper authentication, and path traversal vulnerabilities.


Rockwell said the remotely exploitable vulnerabilities, which Cisco Systems discovered and reported directly to Rockwell, affect Stratix 5900 Services Routers, all versions prior to 15.6.3.

An attacker who exploits these vulnerabilities may be able to perform man-in-the-middle attacks, create denial of service (DoS) conditions, or remotely execute arbitrary code.

No known public exploits specifically target these vulnerabilities. However, an attacker with a low skill level would be able to exploit the vulnerabilities.

The products see use in the critical manufacturing, energy, and water and wastewater systems sectors. They also see use on a global basis.

One of the vulnerabilities the product suffers from is an improper input validation issue: the Cisco IOS and IOS XE Software DNS forwarder DoS vulnerability.

CVE-2016-6380 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.1.

There is also a resource management errors vulnerability: the Cisco IOS and IOS XE Software AAA Login DoS vulnerability.

CVE-2016-6393 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.1.

There is an additional resource management errors issue: the Cisco IOS and IOS XE Software H.323 message validation DoS vulnerability.

CVE-2016-6384 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

Another resource management error is with the Cisco IOS and IOS XE Software Internet Key Exchange Version 1 fragmentation DoS vulnerability.

CVE-2016-6381 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.8.

Another resource management error issue is with Cisco IOS and IOS XE Software multicast routing DoS vulnerabilities.

CVE-2016-6382 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is also an IKEv1 information disclosure vulnerability in multiple Cisco products.

CVE-2016-6415 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is also a Cisco Products IPv6 Neighbor Discovery crafted packet DoS vulnerability.

CVE-2016-1409 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.8.

There is also a Cisco IOS and IOS XE and Cisco Unified Communications Manager Software session initiation protocol memory leak vulnerability.

CVE-2016-1350 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is also a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 fragmentation DoS vulnerability.

CVE-2016-1344 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.8.

There are multiple vulnerabilities in ntpd (October 2015) affecting Cisco products.

The multiple CVE case numbers are CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, and CVE-2015-7871, and the combined CVSS v3 base score is 7.2.

There are also multiple vulnerabilities in ntpd (April 2015) affecting Cisco products.

CVE-2015-1798 and CVE-2015-1799 are the case numbers assigned to these vulnerabilities, which have a CVSS v3 base score of 5.8.

There are also Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 DoS vulnerabilities.

CVE-2015-0642 and CVE-2015-0643 are the case numbers assigned to these vulnerabilities, which have a CVSS v3 base score of 8.6.

There is also a Cisco IOS Software and IOS XE Software TCP packet memory leak vulnerability.

CVE-2015-0646 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There are multiple vulnerabilities in OpenSSL (March 2015) affecting Cisco products.

CVE-2015-0207, CVE-2015-0209, CVE-2015-0285, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0290, CVE-2015-0291, CVE-2015-0292, CVE-2015-0293, and CVE-2015-1787 are the case numbers assigned to these vulnerabilities, which have a combined CVSS v3 base score of 4.0.

There is an SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) vulnerability.

CVE-2014-3566 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.0.

There is also a Cisco IOS Software DHCP Version 6 DoS vulnerability.

CVE-2014-3359 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There are Cisco IOS Software Metadata vulnerabilities.

CVE-2014-3355 and CVE-2014-3356 are the case numbers assigned to these vulnerabilities, which have a CVSS v3 base score of 8.6.

There is also a Cisco IOS Software Network Address Translation DoS vulnerability.

CVE-2014-3361 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.8.

There is also a Cisco IOS Software RSVP vulnerability.

CVE-2014-3354 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is also a Cisco IOS Software Session Initiation Protocol DoS vulnerability.

CVE-2014-3360 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is also a Cisco IOS Software IPsec DoS vulnerability.

CVE-2014-3299 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.7.

There are multiple vulnerabilities in OpenSSL affecting Cisco products.

CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, and CVE-2014-3470 are the case numbers assigned to these vulnerabilities, which have a combined CVSS v3 base score of 10.0.

There is also a Cisco IOS Software Crafted IPv6 Packet DoS vulnerability.

CVE-2014-2113 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is also a Cisco IOS Software Internet Key Exchange Version 2 DoS vulnerability.

CVE-2014-2108 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There are also Cisco IOS Software network address translation vulnerabilities.

CVE-2014-2109 and CVE-2014-2111 are the case numbers assigned to these vulnerabilities, which have a CVSS v3 base score of 8.6.

In addition, there is a Cisco IOS Software session initiation protocol DoS vulnerability.

CVE-2014-2106 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

There is a Cisco IOS Software SSL VPN DoS vulnerability.

CVE-2014-2112 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.6.

Rockwell Automation provided a new firmware version, Version 15.6.3, to mitigate these vulnerabilities.

Rockwell Automation encourages users of the affected versions to update to the latest available software versions, which address the associated risk and include improvements to further harden the software and enhance its resilience against similar malicious attacks. Users can find the latest firmware version by searching for their device.

Additional precautions and risk mitigation strategies specific to these types of attacks are recommended in the Rockwell Automation security release. When possible, multiple strategies should be implemented simultaneously.


