09 July 2018
Multiple vulnerabilities in Allen-Bradley Stratix 5950 appliances
Multiple vulnerabilities have been identified in Rockwell Automation’s Allen-Bradley Stratix 5950 network security appliances. Successful exploitation of these vulnerabilities could allow attackers to circumvent the certificate verification procedure to connect to a target device or cause it to malfunction.
The issue is due to vulnerabilities in the Cisco Adaptive Security Appliance (Cisco ASA) operating system, which is used in Allen-Bradley Stratix 5950 solutions. The vulnerability affects the following Allen-Bradley Stratix 5950 models running Cisco ASA version 9.6.2 or earlier:
Critical issues (CVSS v.3 base score 8.6) include DoS vulnerabilities that can be exploited by remote unauthorized attackers to cause an affected device to malfunction.
One of these vulnerabilities (CVE-2018-0228) is due to the incorrect implementation of the ingress flow creation functionality and could allow an unauthenticated threat actor to cause CPU utilization to increase to 100%. Two other flaws (CVE-2018-0231 and CVE-2018-0240) are associated with the Cisco ASA Transport Layer Security (TLS) library and Cisco Firepower Threat Defense (FTD) respectively, and could both trigger a reload of an affected device.
A vulnerability in the web interface of Cisco ASA (CVE-2018-0296) could also lead to an unexpected reload of an affected device and a denial-of-service condition. On some software releases, the ASA may not reload, but a threat actor could view sensitive system information without authentication.
Additionally, a vulnerability (CVE-2018-0227) in the SSL certificate authentication feature could allow an unauthenticated remote threat actor to establish a VPN connection and bypass certain SSL certificate verification steps. A CVSS v.3 base score of 7.5 has been calculated for this vulnerability.
The vendor is developing fixes for the vulnerabilities identified in the firmware of its devices.
Threats to ICS and industrial enterprises in 2022 as they are foreseen from November 2021
23 November 2021
Good old buffer overflow
31 March 2021
Network Asset Traversal or NATural disaster: NAT Slipstreaming 2.0
30 March 2021