22 February 2018

Vulnerabilities in GE D60 Line Distance Relay devices

US ICS-СERT has published an advisory on vulnerabilities in the firmware of the General Electric D60 relay. The vulnerabilities affect equipment with firmware versions 7.11 and earlier.

The newly identified issues have to do with multiple buffer overflow vulnerabilities (CVE-2018-5475) and an improper restriction of operations within the bounds of a memory buffer (CVE-2018-5473). These vulnerabilities were identified by a Kaspersky Lab researcher. They can be exploited remotely by an attacker with a low skill level.

The vendor has released a new firmware version to close these vulnerabilities.

To reduce the risk of exploitation, isolating control systems from corporate networks is recommended. Other recommendations include locating critical systems behind firewalls and using secure methods, such as VPN, to access them.

Source: ICS-СERT