CISA Issues New Advisory for Industrial Control Systems

by Esmeralda McKenzie

The Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory concerning a critical vulnerability in industrial control systems (ICS).

The advisory, issued on June 18, 2024, highlights a critical security flaw in RAD Data Communications' SecFlow-2 devices, which could be exploited remotely with low attack complexity.


The vulnerability, CVE-2019-6268, has been assigned a CVSS v4 base score of 8.7, indicating a high severity level. Public exploits for this vulnerability are available, making it a pressing concern for organizations using the affected equipment.

Successful exploitation of this path traversal vulnerability could allow an attacker to obtain sensitive files from the operating system by crafting a special request.

This could potentially lead to unauthorized access to critical files and systems.


The vulnerability affects all versions of the following RAD Data Communications product:

  • SecFlow-2

CVE-2019-6268 – Vulnerability Overview

The path traversal vulnerability (CWE-29) in RAD SecFlow-2 devices allows URIs to be used for directory traversal.

This flaw could be exploited to read sensitive files. The CVSS v3.1 base score for this vulnerability is 7.5, with a vector string of (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

  • Critical Infrastructure Sectors: Communications
  • Countries/Areas Deployed: Worldwide
  • Company Headquarters Location: Israel

CISA discovered a Proof of Concept (PoC) and reported it to RAD Data Communications.

Mitigations

RAD Data Communications has indicated that the SecFlow-2 product line is End-Of-Life (EOL) and recommends upgrading to the more secure RAD SecFlow-1p product line.

CISA advises users to take the following defensive measures to minimize the risk of exploitation:

  • Minimize network exposure for all control system devices and systems, ensuring they are not accessible from the internet.
  • Locate control system networks and remote devices behind firewalls and isolate them from business networks.
  • Use secure methods, such as Virtual Private Networks (VPNs), for remote access, ensuring VPNs are updated to the most current version available.

CISA also emphasizes the importance of performing proper impact analysis and risk assessment prior to deploying defensive measures.

Additional mitigation guidance and recommended practices are available on the ICS webpage at cisa.gov/ics. Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.
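For teams that must keep SecFlow-2 units in service while planning the upgrade, the following added example (not part of the advisory or of any RAD tooling) shows one way to flag traversal-style request URIs in web logs. It assumes the management interface sits behind a proxy or gateway that writes Common Log Format entries; the function names, log lines and file names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# A ".." path segment bounded by "/" or "\" (CWE-29 is the backslash variant).
DOTDOT_SEGMENT = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# Request line of a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
MAX_DECODE_ROUNDS = 3  # assumption: unwraps up to triple percent-encoding


def fully_decode(target):
    """Percent-decode repeatedly so %252e%252e%252f collapses to ../"""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def is_traversal(target):
    """True if the path part of a request target contains a '..' segment."""
    path = fully_decode(target.split("?", 1)[0])
    return bool(DOTDOT_SEGMENT.search(path))


def flag_log_lines(lines):
    """Return (client, raw_target) for every entry that looks like traversal."""
    hits = []
    for line in lines:
        match = REQUEST_LINE.search(line)
        if match and is_traversal(match.group("target")):
            hits.append((line.split(" ", 1)[0], match.group("target")))
    return hits


# Constructed sample entries (documentation addresses, placeholder file names).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Jun/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.10 - - [18/Jun/2024:10:00:02 +0000] "GET /files/report..v2.pdf HTTP/1.1" 200 90',
    '198.51.100.7 - - [18/Jun/2024:10:00:05 +0000] "GET /docs/../../placeholder.cfg HTTP/1.1" 404 0',
    '198.51.100.7 - - [18/Jun/2024:10:00:06 +0000] "GET /docs/%2e%2e%5cplaceholder.cfg HTTP/1.1" 404 0',
    '203.0.113.4 - - [18/Jun/2024:10:00:09 +0000] "GET /docs/%252e%252e%252fplaceholder.cfg HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for client, target in flag_log_lines(SAMPLE_LOG):
        print(f"traversal-like request from {client}: {target}")
```

The check matches whole ".." segments only, so a file name such as report..v2.pdf is not flagged, while plain, backslash and double-encoded forms are.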

Source credit : cybersecuritynews.com
