Flaw in Schneider Industrial Firewalls Allows Remote Code Execution

At the SecurityWeek’s 2016 ICS Cyber Security Conference last week, researchers at industrial security firm CyberX disclosed several important vulnerabilities.

The experts demonstrated how hackers can target ICS systems and passing security measures in places.

Among the vulnerabilities disclosed by the experts, there is a flaw affecting a Schneider Electric industrial firewall that could be exploited by hackers for remote code execution.

The vulnerability affects products of the Schneider Electric’s ConneXium TCSEFEC family of industrial ethernet firewalls. This family of products is used in the industrial contexts for the protection of SCADA systems, automation systems, industrial networks and other systems.

The experts discovered that the web-based administration interface of the Schneider Electric’s ConneXium TCSEFEC firewalls is affected by a buffer overflow. The exploitation of the flaw could allow attackers to execute arbitrary code.

“Exploitation of this security hole could also lead to manipulation of control systems, which, in a worst case scenario, could result in physical damage. Programmable logic controllers (PLCs) typically don’t have any type of authentication, allowing attackers to easily gain access and exploit known or zero-day flaws.” Eduard Kovacs from Security Week reported that a threat actor could exploit the flaw to change firewall rules, eavesdrop on traffic, inject malicious traffic, and disrupt communications.

The researchers also reported the flaw to the US ICS-CERT that is to issue a security advisory.

Leave a Reply

Your email address will not be published. Required fields are marked *