Belden released a new software version to mitigate an authentication bypass using an alternate path or channel in its Hirschmann GECKO switches, according to an ICS-CERT report.
The vulnerability, discovered by Davy Douhine of RandoriSec, is remotely exploitable.
The issue affects the Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions.
Successful exploitation of this vulnerability may allow a remote attacker to access a copy of the configuration file of an affected device without authenticating, exposing sensitive information.
After an administrator downloads a configuration file, a copy of that file, which includes hashes of user passwords, is saved to a location accessible without authentication.
CVE-2017-5163 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.9.
The product is deployed in multiple sectors on a global basis.
No known public exploits specifically target this vulnerability. An attacker would need a high skill level to exploit it.
To address the vulnerability, Belden released a new software version, Version 02.0.01.
St. Louis, Mo.-based Belden recommends users update to the newest software version. As an interim compensating control, Belden said users can reboot affected devices after each configuration download, which prevents the vulnerable state.
For additional information, please review Belden’s security bulletin, BSECV-2016-5.
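
The following triage script is an added example, not code from Belden or ICS-CERT. It classifies switches in an asset inventory against the affected versions (2.0.00 and prior), the fixed version (02.0.01) and the interim reboot-after-download control described above. The inventory field names, status labels and sample records are assumptions constructed for illustration.

```python
from datetime import datetime

FIXED_VERSION = (2, 0, 1)  # "Version 02.0.01" in the article

def parse_version(text):
    """Normalise zero-padded strings: '02.0.01' and '2.0.1' -> (2, 0, 1)."""
    return tuple(int(part) for part in text.strip().split("."))

def triage(device):
    """Classify one inventory record (field names are assumptions)."""
    try:
        version = parse_version(device["firmware"])
    except (KeyError, ValueError, AttributeError):
        return "unknown-version"          # missing or malformed: check by hand
    if version >= FIXED_VERSION:
        return "patched"
    download = device.get("last_config_download")
    if download is None:
        return "no-download-recorded"     # affected version, no known config copy
    reboot = device.get("last_reboot")
    if reboot and datetime.fromisoformat(reboot) > datetime.fromisoformat(download):
        return "rebooted-since-download"  # interim control applied
    return "exposed"                      # config copy may still be reachable

def report(inventory):
    """Map device name -> status for a list of inventory records."""
    return {d["name"]: triage(d) for d in inventory}

# Constructed sample inventory, not real devices.
INVENTORY = [
    {"name": "sw-01", "firmware": "02.0.01",
     "last_config_download": "2017-02-01T09:00:00", "last_reboot": "2017-01-15T08:00:00"},
    {"name": "sw-02", "firmware": "2.0.00",
     "last_config_download": "2017-02-01T09:00:00", "last_reboot": "2017-01-15T08:00:00"},
    {"name": "sw-03", "firmware": "2.0.00",
     "last_config_download": "2017-02-01T09:00:00", "last_reboot": "2017-02-01T09:30:00"},
    {"name": "sw-04", "firmware": "01.1.00",
     "last_config_download": None, "last_reboot": "2017-01-10T12:00:00"},
    {"name": "sw-05", "firmware": "", "last_config_download": None, "last_reboot": None},
]

if __name__ == "__main__":
    for name, status in report(INVENTORY).items():
        print(f"{name}: {status}")
```

Devices reported as `exposed` are the ones to reboot first and then update; `rebooted-since-download` devices still need the update, because the next configuration download recreates the vulnerable state.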