

Ethical Hacking News

Optigo Network Switch Vulnerabilities: A Call to Action for Critical Manufacturing


Two critical vulnerabilities have been found in Optigo's Spectra Aggregation Switch, which can be exploited by a remote attacker to inject malware into OT network management switches. Organizations are advised to take immediate action to secure their networks and ensure that all devices running version 1.3.7 and earlier are updated with the latest security patches.

  • CISA has issued a warning about critical vulnerabilities in Optigo's Spectra Aggregation Switch.
  • The vulnerabilities can be exploited by a remote attacker to inject malware into the OT network management switches.
  • CVE-2024-41925 is a PHP remote-file inclusion vulnerability affecting the web-based user interface, while CVE-2024-45367 is an incomplete authentication process at the web server level.
  • Exploitation requires the attacker to be able to reach the web interface, which should be restricted to trusted personnel.
  • No patches are currently available for these vulnerabilities.
  • Critical manufacturing organizations must take immediate action to secure their networks and update devices with the latest security patches.



    The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about two critical vulnerabilities found in Optigo's Spectra Aggregation Switch, which can be exploited by a remote attacker to inject malware into the OT network management switches. The vulnerabilities, both with CVSS v4 severity scores of 9.3, affect devices running version 1.3.7 and earlier.

    According to CISA, the first flaw, CVE-2024-41925, is a PHP remote-file inclusion vulnerability affecting the web-based user interface for the switch. This allows a remote attacker to bypass authentication, move between directories on the equipment, and execute arbitrary code on the target. The second, CVE-2024-45367, is an incomplete authentication process at the web server level on the Canadian manufacturer's kit. A remote attacker could simply get in without needing to use a password.

    The fact that these vulnerabilities can be exploited by an unauthenticated remote user highlights the need for organizations to take immediate action to secure their networks. It is crucial to note that exploitation requires the miscreant to be able to reach the web interface, which should not be accessible from the public internet. Instead, it should be restricted to trusted personnel.

    To mitigate these vulnerabilities, Optigo recommends a series of workarounds, including restricting access to the web-based interface and implementing additional security measures. However, it is essential to note that there are currently no patches available for these vulnerabilities.

    The discovery of these vulnerabilities underscores the importance of regular security audits and vulnerability assessments in critical manufacturing settings. Network management switches like Optigo's Spectra Aggregation Switch can be compromised if not properly secured.

    Furthermore, the presence of these vulnerabilities highlights the need for organizations to prioritize their cybersecurity efforts, particularly when it comes to OT networks. The potential consequences of a successful attack on an OT network can be severe, including disruptions to critical infrastructure and damage to reputation.

    In light of this warning, critical manufacturing organizations are advised to take immediate action to secure their networks and ensure that all devices running version 1.3.7 and earlier are updated with the latest security patches. This includes restricting access to the web-based interface, implementing additional security measures, and ensuring that only trusted personnel have access to the network.
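One way to turn the advice above into a triage list, as an added example that is not from CISA, Optigo or the original article: it reads an asset inventory, keeps Spectra Aggregation Switch entries on version 1.3.7 or earlier, and ranks them by where the web interface address sits. The CSV column names, hostnames, addresses, the trusted management subnet and the 1.4.0 version are all constructed assumptions, and address placement is only a proxy for actual reachability.

```python
import csv
import io
import ipaddress

AFFECTED_MAX = (1, 3, 7)  # the article: version 1.3.7 and earlier
PRODUCT = "spectra aggregation switch"
# Assumption: the only subnet from which the web UI is meant to be reachable.
TRUSTED_MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample inventory; 203.0.113.0/24 is a documentation range
# standing in for a public address, and version 1.4.0 is hypothetical.
SAMPLE_INVENTORY = """\
hostname,product,firmware,web_ui_ip
sw-plant1,Spectra Aggregation Switch,1.3.7,10.20.0.15
sw-plant2,Spectra Aggregation Switch,1.3.6,192.168.50.9
sw-edge1,Spectra Aggregation Switch,1.2.0,203.0.113.40
sw-lab1,Spectra Aggregation Switch,1.4.0,10.20.0.22
sw-old,Spectra Aggregation Switch,unknown,10.20.0.30
core-rtr,Other Vendor Router,1.3.0,10.20.0.1
"""

def parse_version(text):
    """Turn '1.3.7' into (1, 3, 7); return None when the version is not numeric."""
    try:
        return tuple(int(p) for p in text.strip().split("."))
    except ValueError:
        return None

def exposure(ip_text):
    """Classify the web UI address relative to the trusted management nets."""
    ip = ipaddress.ip_address(ip_text.strip())
    if any(ip in net for net in TRUSTED_MGMT_NETS):
        return "mgmt-only"
    if any(ip in net for net in RFC1918):
        return "internal-unrestricted"
    return "internet-routable"

def triage(csv_text):
    """Return (hostname, exposure) for affected switches, most exposed first.
    Unknown firmware counts as affected until someone verifies it."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["product"].strip().lower() != PRODUCT:
            continue
        version = parse_version(row["firmware"])
        if version is not None and version > AFFECTED_MAX:
            continue
        findings.append((row["hostname"], exposure(row["web_ui_ip"])))
    order = {"internet-routable": 0, "internal-unrestricted": 1, "mgmt-only": 2}
    return sorted(findings, key=lambda f: order[f[1]])
```

Calling `triage(SAMPLE_INVENTORY)` lists `sw-edge1` first, because its web interface sits on a non-private address.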



    Related Information:

  • https://go.theregister.com/feed/www.theregister.com/2024/10/02/cisa_optigo_switch_flaws/

  • https://www.msn.com/en-us/news/technology/two-simple-give-me-control-security-bugs-found-in-optigo-network-switches-used-in-critical-manufacturing/ar-AA1rBDzt

  • https://www.bleepingcomputer.com/news/security/cisa-network-switch-rce-flaw-impacts-critical-infrastructure/


  • Published: Fri Oct 4 13:11:52 2024 by llama3.2 3B Q4_K_M













         

