Carlo Gavazzi patched a series of vulnerabilities in its VMU-C EM, VMU-C PV product lines, according to a report with ICS-CERT.
The remotely exploitable vulnerabilities include access control flaws, cross-site request forgery (CSRF), sensitive information stored in clear text, according to the report.
Researcher Karn Ganeshen, who reported these vulnerabilities, tested the patch to ensure it works.
The vulnerabilities affect the following versions:
• VMU-C EM prior to firmware Version A11_U05
• VMU-C PV prior to firmware Version A17
Successful exploitation of these vulnerabilities could allow the attacker to execute configuration parameter changes and saving modified configuration.
In one vulnerability, the access control flaw allows access to most application functions without authentication.
CVE-2017-5144 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.
In addition, successful exploitation of the CSRF vulnerability can allow execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration.
CVE-2017-5145 is the case number for this vulnerability, which has a CVSS v3 base score of 10.0.
Also, sensitive information ends up stored in clear-text.
CVE-2017-5146 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.
It would take a low skill level for an attacker to exploit the vulnerabilities.
Carlo Gavazzi recommends upgrading to the following firmware versions:
• VMU-C EM A11_U05 for VMUC EM
• VMU-C PV A17 for VMUC PV
The relevant firmware versions are available either by means of the firmware update function embedded in the VMU-C or by downloading them from Carlo Gavazzi’s web site.
After the user clicks on the site, then they should:
1. Click on “Select the Product.”
2. Choose “Web-Server” from the “FUNCTION” column.
3. A list including both VMU-C EM and VMU-C PV will appear; select the target VMU-C model from the list.
4. From the “downloads” section on the right, click on the “Software” icon to start downloading the updated firmware package.