Smart Security Manager gets Fix
Monday, February 13, 2017 @ 05:02 PM gHale
Hanwha Techwin created a patch to fix remote code execution vulnerabilities in its Smart Security Manager, according to a report with ICS-CERT.
Smart Security Manager Versions 1.5 and prior suffer from the remotely exploitable issue discovered by Steven Seeley of Source Incite.
Successful exploitation of these vulnerabilities could allow an attacker to create an arbitrary file on the server with attacker controlled data as well as an attacker gaining root shell access. These conditions could allow remote code execution.
In one vulnerability, there are multiple path traversal vulnerabilities. The flaws exist within the ActiveMQ Broker service installed as part of the product. By issuing specific HTTP requests, if a user visits a malicious page, an attacker can gain access to arbitrary files on the server. Smart Security Manager Versions 1.4 and prior to 1.31 suffer from these vulnerabilities. These vulnerabilities can allow for remote code execution.
CVE-2017-5168 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.
In another vulnerability, there are multiple cross site request forgery vulnerabilities. The flaws exist within the Redis and Apache Felix Gogo servers installed as part of this product. By issuing specific HTTP Post requests, an attacker can gain system level access to a remote shell session. Smart Security Manager Versions 1.5 and prior suffer from these vulnerabilities. These vulnerabilities can allow for remote code execution.
CVE-2017-5169 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.
The Smart Security Manger sees action in multiple sectors such as commercial facilities, critical manufacturing, energy, and water and wastewater systems. The product sees action on a global basis.
No known public exploits specifically target these vulnerabilities.
South Korea-based Hanwha Techwin released a patch for v1.4 and v1.5. Customers using v1.4 and v1.5 need to upgrade using Patch_SSMv1.5_or_1.4_for_Cert_Vulnerability.
Customers using v1.3 and prior need to upgrade using patch SSM-TS v1.60.0.
Click here to find patches and updates.
Leave a Reply
You must be logged in to post a comment.