Telecrane Fixes F25 Series Vulnerability

Tuesday, October 23, 2018 @ 04:10 PM gHale

Telecrane has new firmware to mitigate an authentication bypass by capture-replay vulnerability in its F25 Series, according to a report from NCCIC.

Successful exploitation of this vulnerability could allow unauthorized users to view commands, replay commands, control the device, or stop the device from running.

All F25 Series versions prior to 00.0A suffer from the vulnerability, which Jonathan Andersson, Philippe Z Lin, Akira Urano, Marco Balduzzi, Federico Maggi, Stephen Hilt, and Rainer Vosseler, working with Trend Micro’s Zero Day Initiative, discovered and reported to NCCIC.

The affected devices use fixed codes that can be reproduced by sniffing and retransmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent “stop” state.
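
The fixed-code weakness described above next to one generic replay-resistant receiver, as an added example (not Telecrane's code and not a description of how firmware 00.0A works). The frame layout, key, and command codes are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed pairing secret, not a real device value
STOP, UP = 0x01, 0x02          # hypothetical command codes

class FixedCodeReceiver:
    """Weak design: a frame is valid whenever its bytes match a stored fixed code."""
    def __init__(self, codes):
        self.codes = set(codes)
    def accept(self, frame: bytes) -> bool:
        return frame in self.codes  # nothing ties the frame to one transmission

def make_frame(key: bytes, counter: int, command: int) -> bytes:
    """Transmitter side: 4-byte counter + 1-byte command + 8-byte truncated HMAC."""
    body = struct.pack(">IB", counter, command)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:8]

class CounterMacReceiver:
    """Hardened design: authenticated frames with a strictly increasing counter."""
    def __init__(self, key: bytes):
        self.key, self.last_counter = key, 0
    def accept(self, frame: bytes) -> bool:
        if len(frame) != 13:
            return False
        body, tag = frame[:5], frame[5:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return False                      # altered or forged frame
        counter, _command = struct.unpack(">IB", body)
        if counter <= self.last_counter:
            return False                      # replayed or stale frame
        self.last_counter = counter
        return True

def demo() -> dict:
    fixed, hardened = FixedCodeReceiver([b"\xa5\x01"]), CounterMacReceiver(KEY)
    recorded = make_frame(KEY, 1, STOP)
    bumped = struct.pack(">IB", 2, STOP) + recorded[5:]  # new counter, old tag
    return {
        "fixed_first": fixed.accept(b"\xa5\x01"),
        "fixed_resent": fixed.accept(b"\xa5\x01"),
        "mac_first": hardened.accept(recorded),
        "mac_resent": hardened.accept(recorded),
        "mac_bumped_counter": hardened.accept(bumped),
        "mac_next_legit": hardened.accept(make_frame(KEY, 2, UP)),
    }
```

In a real receiver the last accepted counter has to survive power cycles, otherwise old frames become valid again after a reset.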

CVE-2018-17935 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.6.

The product sees use in multiple critical infrastructure sectors, mainly in the United States.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

Taiwan-based Telecrane recommends upgrading to the latest firmware. Firmware version 00.0A resolves this vulnerability and can be obtained through the product distributor.