Westermo Firmware Release Fixes Issues

Thursday, August 24, 2017 @ 02:08 PM gHale


Westermo released new firmware that mitigates multiple vulnerabilities in its MRD-305-DIN, MRD-315, MRD-355, and MRD-455 products, according to a report from ICS-CERT.

The remotely exploitable vulnerabilities are a cross-site request forgery (CSRF), use of hard-coded credentials, and use of a hard-coded cryptographic key.


The following Westermo router models and firmware versions suffer from the issues:
• MRD-305-DIN versions older than 1.7.5.0
• MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0

Successful exploitation of these vulnerabilities, discovered by Mandar Jadhav from Qualys Security, could allow a remote attacker to obtain hard-coded cryptographic keys, hard-coded credentials, or trick a user into submitting a malicious request, resulting in the attacker gaining unauthorized access to the device and running arbitrary code.

No known public exploits specifically target these vulnerabilities. However, an attacker with a low skill level could leverage them.

In the cross-site request forgery issue, the application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.

CVE-2017-12703 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.8.
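The CSRF weakness described above comes down to one missing server-side decision: the device's web UI acts on any request that carries a valid session cookie, without checking that the request originated from its own pages. The following is an added illustration, not Westermo's code, of a state-changing handler with that gap next to a version that closes it with two independent checks (an Origin/Referer check and a per-session synchronizer token). The session and request classes, the handler names and the `https://router.example` origin are all assumptions made for the example.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Illustrative model of an embedded web UI (not Westermo's code): a logged-in
# session, an incoming HTTP request, and the handler for a state-changing form.
TRUSTED_ORIGINS = ("https://router.example",)  # assumed: the device's own origin


@dataclass
class Session:
    user: str
    # Unpredictable per-session token; rendered into the UI's own forms only.
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))


@dataclass
class Request:
    method: str
    headers: dict
    form: dict
    session: Optional[Session]  # None when no valid session cookie was sent


def vulnerable_handler(req: Request) -> tuple[int, str]:
    """Applies settings on any request that carries a valid session cookie.

    The browser attaches that cookie automatically, so a form auto-submitted
    by an unrelated page the user happens to visit is accepted as if the
    user had filled it in (the CVE-2017-12703 pattern)."""
    if req.session is None:
        return 401, "login required"
    return 200, "settings applied"


def hardened_handler(req: Request) -> tuple[int, str]:
    """Same handler with two independent checks a cross-site page cannot satisfy."""
    if req.session is None:
        return 401, "login required"
    if req.method != "POST":
        return 405, "state changes must use POST"
    # 1. Origin (or Referer as fallback) must be the device itself. Fail closed
    #    when both are absent rather than guessing.
    origin = req.headers.get("Origin") or req.headers.get("Referer") or ""
    if not origin.startswith(TRUSTED_ORIGINS):
        return 403, "cross-origin request rejected"
    # 2. The form must echo the session's token. Another origin can make the
    #    browser send the cookie but cannot read the token out of our pages.
    submitted = req.form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, req.session.csrf_token):
        return 403, "missing or invalid CSRF token"
    return 200, "settings applied"


def demo() -> dict[str, int]:
    """Constructed requests: one forged from another origin, one genuine."""
    sess = Session(user="admin")
    forged = Request("POST", {"Origin": "https://attacker.example"},
                     {"dns_server": "203.0.113.5"}, sess)
    genuine = Request("POST", {"Origin": "https://router.example"},
                      {"dns_server": "203.0.113.5", "csrf_token": sess.csrf_token}, sess)
    return {
        "vulnerable_forged": vulnerable_handler(forged)[0],
        "hardened_forged": hardened_handler(forged)[0],
        "hardened_genuine": hardened_handler(genuine)[0],
    }


if __name__ == "__main__":
    print(demo())
```

The two checks are deliberately independent: the token check alone is sufficient in principle, but the origin check gives a cheap early rejection and catches handlers that forget to render the token, while failing closed on a missing Origin/Referer avoids a silent bypass from browsers or proxies that strip those headers.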

The device utilizes hard-coded credentials, which could allow unauthorized local low-privileged access to the device.

CVE-2017-12709 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.

In addition, the device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source.

CVE-2017-5816 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 10.0.
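A private key baked into a firmware image is shared by every device running that image, which is why the hard-coded-key issue scores so high: whoever extracts the key from one unit can decrypt or impersonate the traffic of all of them. The check below is an added audit helper, not Westermo's code or tooling: it scans raw firmware images for PEM private-key blocks and reports any key that appears in more than one image, which is direct evidence of hard-coding. The image names and the PEM bodies are constructed placeholders, not real key material.

```python
import hashlib
import re

# Added audit helper (not Westermo's code): locate PEM private-key blocks in
# firmware images and flag any key that appears in more than one image. A key
# present in every copy of the firmware is by definition hard-coded.
PEM_PRIVATE_KEY = re.compile(
    rb"-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----"
    rb".*?"
    rb"-----END (?:RSA |EC |DSA )?PRIVATE KEY-----",
    re.DOTALL,
)


def extract_private_keys(image: bytes) -> list[bytes]:
    """Return every PEM private-key block found in a raw firmware image."""
    return [m.group(0) for m in PEM_PRIVATE_KEY.finditer(image)]


def fingerprint(pem: bytes) -> str:
    # Normalise line endings so the same key is not counted twice.
    return hashlib.sha256(pem.replace(b"\r\n", b"\n")).hexdigest()[:16]


def find_shared_keys(images: dict[str, bytes]) -> dict[str, list[str]]:
    """Map key fingerprint -> sorted names of images embedding that exact key,
    keeping only keys seen in two or more images."""
    seen: dict[str, set[str]] = {}
    for name, blob in images.items():
        for pem in extract_private_keys(blob):
            seen.setdefault(fingerprint(pem), set()).add(name)
    return {fp: sorted(names) for fp, names in seen.items() if len(names) > 1}


def _fake_pem(label: str) -> bytes:
    # Constructed placeholder, not real key material: a valid PEM frame around
    # an obviously fake body so the scanner has something to find.
    body = ("PLACEHOLDER-" + label + "-NOT-A-REAL-KEY") * 2
    return (b"-----BEGIN RSA PRIVATE KEY-----\n" + body.encode() + b"\n"
            b"-----END RSA PRIVATE KEY-----\n")


# Constructed sample: three images; A and B embed the same key, C has its own.
SAMPLE_IMAGES = {
    "image_a.bin": b"\x00binary\x00" + _fake_pem("SHARED") + b"\xff" * 8,
    "image_b.bin": b"\x7fELF" + _fake_pem("SHARED"),
    "image_c.bin": _fake_pem("UNIQUE") + b"\x00",
}


if __name__ == "__main__":
    for fp, names in find_shared_keys(SAMPLE_IMAGES).items():
        print(f"hard-coded key {fp} shared by: {', '.join(names)}")
```

Run against real images (for example the files produced by unpacking a firmware update, plus the same vendor's other models and versions), a hit means the key should be treated as public: the fix is per-device key generation at first boot or during provisioning, followed by rotation of anything already issued under the shared key. A key that appears only once is not proof of safety either, since the same image may ship to every device; compare across units or check for key generation at boot.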

The product sees use mainly in the commercial facilities, critical manufacturing, and energy sectors, and is deployed worldwide.

Sweden-based Westermo recommends users update to the latest firmware version, 1.7.7.0, which is available for download from Westermo.

Westermo also released a security advisory.


