Wednesday, April 17, 2024

Vulnerabilities in Open Automation Software Platform Let Attackers Execute Remote Code

Jared Rittle of Cisco Talos discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform that allow attackers to execute remote code.

The researcher found eight vulnerabilities in the Open Automation Software Platform that could allow an attacker to carry out a variety of malicious actions, including improperly authenticating into the targeted device and causing a denial of service.

Open Automation Software is a US-based company that provides connectivity solutions for ICS or IoT devices, databases, and custom applications. The company’s Open Automation Software (OAS) Platform, powered by a universal data connector, can be used to move data between PLCs from different vendors, from a PLC to a database, or from a database to visualization.

Vulnerabilities in Open Automation Software Platform

The two vulnerabilities were assigned a “critical” severity rating, tracked as (CVE-2022-26082), which an attacker could exploit to gain the ability to execute arbitrary code on the targeted machine. This issue has a severity score of 9.1 out of a possible 10.

Another vulnerability is tracked as (CVE-2022-26833) which has a 9.4 severity score and could lead to the unauthenticated use of the REST API.

The other two vulnerabilities were identified and tracked as (CVE-2022-27169) and (CVE-2022-26067) which could allow an attacker to obtain a directory listing at any location permissible by the underlying user by sending a specific network request.

Further, the information disclosure vulnerability is tracked as (CVE-2022-26077) which provides the attacker with a list of usernames and passwords for the platform that could be used in future attacks.

The vulnerability tracked as (CVE-2022-26026) will be activated by a specially crafted network request, leading to a denial of service and a loss of communication.

The other two vulnerabilities allow an attacker to make external configuration changes, including creating a new security group on the Platform and creating new user accounts arbitrarily which are tracked as (CVE-2022-26303) and (CVE-2022-26043).

Mitigations

Cisco Talos make sure that these vulnerabilities are fixed and an update is available for affected customers. The company recommended that organizations using the vulnerable software ensure suitable network segmentation is in place so that the attackers have the lowest possibility of access to the network on which the OAS Platform communicates.

Cisco advises the users to update these affected products as soon as possible: Open Automation Software OAS Platform, version 16.00.0112.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

LightSpy Hackers Target Indian Apple Device Users To Steal Sensitive Data

Hackers target Apple device users because they are perceived to be of higher social...

Trustifi’s Email Security Awareness Training – Empowering MSPs to Train & Protect Clients

In today's digital landscape, email security has become a critical concern for businesses of...

Personal Data Exposed in Massive Global Hack: Understanding the Implications & Guarding Privacy- Axios Security Group

In a digital age where information is the new currency, the recent global hack...

Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges

Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange's smart contract by injecting fabricated...

Omni Hotels & Resorts Hack: Attackers have Stolen Customer Information

Omni Hotels & Resorts has revealed that it was the target of a recent...

Connect:fun Attacking Organizations Running Fortinet’s FortiClient EMS

A new exploit campaign has emerged, targeting organizations that utilize Fortinet’s FortiClient EMS.Dubbed...

TA558 Hackers Compromised 320+ Organizations’ FTP & SMTP Servers

TA558, a financially motivated threat actor identified in 2018, is targeting several countries but...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles