Network kit biz Phoenix takes heat as flaws may leave industrial control system security in ashes

Oil, gas, maritime systems affected by latest bug findings

Companies running a popular brand of industrial Ethernet switch are being advised to update their firmware ASAP following a series of bug disclosures.

Security house Positive Technologies took credit today for the discovery of six CVE-listed security vulnerabilities in the Phoenix Contact FL Switch 3xxx, 4xxx, and 48xx industrial control switches. The flaws are addressed in firmware versions 1.35 or newer.

Among the now-patched flaws were several Positive described as "critical" security risks that could be exploited to knock vulnerable devices offline or pull off man-in-the-middle attacks.

"Successful exploitation of these weaknesses has the potential to cause disruption, or even total interruption, of ICS operations," Positive Technologies SCADA research analyst Paolo Emiliani said in the company's write-up of the issue.

"An attacker can intercept user credentials and then re-configure a switch to disable its ports, resulting in failure of network communication between ICS components."

These are particularly serious bugs given where many of the vulnerable network switches are used. Positive says the Contact FL line is particularly popular for oil and energy facilities, as well as maritime systems, where a controller breakdown would be a major headache.

All of the vulnerabilities were discovered and privately reported by researchers Evgeny Druzhinin, Ilya Karpov, and Georgy Zaytsev.

Two of the more series flaws were CVE-2018-13993, a cross-site request forgery that would let an attacker use the web interface to control a vulnerable switch and send arbitrary commands, and CVE-2018-13990, a brute force vulnerability caused by the switch not having a timeout period between login attempts.

Factory crane

Yes, you can remotely hack factory, building site cranes. Wait, what?


CVE-2018-13992 is a possible password theft vulnerability caused by the switch transmitting login information over its web interface as plain text, while CVE-2018-13991 is a man-in-the-middle flaw that could allow an attacker to harvest encryption keys.

Two other bugs, CVE-2018-13994 and CVE-2017-3735 are denial of service vulnerabilities caused by a buffer error and the web interface not properly limiting the number of possible connections.

All of the bugs can be patched by updating the switch's firmware to the latest build (in this case 1.35 or later). Those downloads can be found on the managed switch products page on Phoenix's website. ®

Sponsored: Balancing consumerization and corporate control

Biting the hand that feeds IT © 1998–2019

Wholesale NFL Jerseys Pitty's News 0k's - We Share News Buy Best Cheap NHL jerseys Online Wholesale Mlb Jerseys Cheap NBA Jerseys Bu9'er We Share News Off the World Web Sitemap Cheap Wholesale NFL Jerseys USA Buy Coolest Soccer Jerseys Replica Soccer Jerseys AIR's duck All Sports Share News Wholesale NHL Jerseys Cheap NHL Jerseys Top Selling NFL Jerseys Wholesale Cheap MLB Jerseys From China B's News KG'in9 Share News Top Selling NBA Jerseys Wholesale jerseys
wholesale jerseys |  cheap jerseys |  cheap jerseys |  wholesale jerseys |  Wholesale jerseys |  cheap jerseys wholesale |  Cheap NFL Jerseys |  Wholesale nfl jerseys |  cheap nfl jerseys |  Wholesale NHL Jerseys Online |  wholesale basketball jerseys |  wholesale baseball jerseys |  cheap hockey jerseys |  wholesale authentic nba jerseys |  WebSiteMap |  replica jerseys from china |  WebSiteMap |  cheap replica nba jerseys |  cheap nfl training jerseys |  replica jerseys |  china replica jerseys |  retro jerseys |  authentic nfl jerseys |  custom nfl jerseys |  cheap authentic jerseys |  Cheap NFL Jerseys Free Shipping |  Cheap Authentic MLB Jerseys |  Bayern Munich Jerseys Black |