29 January 2018

Vulnerability in Nari PCS-9611 relays

US ICS-СERT has published an advisory on a vulnerability in Nari PCS-9611 protection relays, which are used in the electric power sector. The vulnerability affects all PCS-9611 versions.

The flaw was identified by Kaspersky Lab researchers and was assigned the ID CVE-2018-5447. Its exploitation enables a remote attacker to arbitrarily read/access system resources and affect the availability of the system.

This is an improper input validation vulnerability; it has been assigned a CVSS base score of 9.8. The problem is exacerbated by the existence of an exploit for the vulnerability.

To date, Nari has not made any comment on the issue.

Recommended measures to minimize the risk of exploitation of this vulnerability include isolating control systems from corporate networks and implementing secure access to critical systems using firewalls and virtual private networks (VPN).

Source: ICS-СERT