Your one-stop web resource providing safety and security information to manufacturers

Wind River and General Electric have an update to improper input validation vulnerabilities in its VxWorks and D20MX, according to a report with NCCIC.

This update is a follow-up to the original advisory for Wind River VxWorks SSH and Web Server that released April 1, 2013, almost six years ago. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories discovered these vulnerabilities.

RELATED STORIES
Rockwell Working on PowerMonitor 1000 Fix
Horner Clears Cscape Vulnerability
Delta Fixes it Industrial Automation CNCSoft
Intel Has Fix for Data Center Manager SDK Holes

Successful exploitation of these remotely exploitable vulnerabilities could cause affected products to be unavailable until the next reboot.

The following Wind River products suffer from the issue:
• Web Server & CLI vulnerabilities: VxWorks Versions 5.5 through 6.9
• SSH vulnerabilities: VxWorks Versions 6.5 through 6.9

Schneider Bold

GE reports the vulnerabilities affect the following D20MX versions:
• D20MX v1.0-1.6.2

In one vulnerability, the SSH server (IPSSH) implementation in VxWorks 6.5 through 6.9 contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests. An attacker could send specially crafted authentication requests to cause an SSH server outage. SSH access may become unavailable until the next reboot as a result of this vulnerability being exploited.

CVE-2013-0711 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

In addition, the SSH server (IPSSH) implementation in VxWorks 6.5 through 6.9 contains a DoS vulnerability due to an issue in processing pty requests. Receiving a specially crafted pty request packet may cause SSH access to be unavailable until the next reboot. The attacker must login with a valid user name and password combination before launching a successful attack.

CVE-2013-0713 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.

Also, the SSH server (IPSSH) implementation in VxWorks 6.5 through 6.9 contains vulnerability due to an issue in the processing authentication requests. Receiving a specially crafted packet for a public key authentication request may cause the server to hang and SSH access to be unavailable until the next reboot. In addition, arbitrary code may be executed on the server with administrator privileges.

CVE-2013-0714 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

Moreover, the WebCLI component in VxWorks 5.5 through 6.9 contains a DoS vulnerability due to an issue in parsing command strings. An attacker can login to a CLI session and cause the current CLI session to terminate. A new CLI session may be re-established without rebooting.

CVE-2013-0715 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.3.

In addition, the Web Server in VxWorks 5.5 through 6.9 contains a DoS vulnerability. When a user accesses the VxWorks Web Server using a specially crafted URL, the server may crash.

CVE-2013-0716 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

The product sees use mainly in the critical manufacturing, energy, and water and wastewater systems sectors. It also sees action on a global basis.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

Software patches for these vulnerabilities are available for all affected VxWorks versions, according to Wind River. Users interested in obtaining these patches should contact Wind River technical support for assistance.

GE reports the vulnerabilities do not impact Version 1.7 or newer. To upgrade a D20MX to Version 1.8, users should follow the upgrade procedures:
• “TN0110 D20MX v1.8+ Upgrade Procedure” or
• “TN0111 D20MX v1.8+ Upgrade over Serial Procedure”

These are available for download from the tech support website. Once on the site, go to > Substation Automation > D20MX > Firmware v1.80 > Documentation.

Pin It on Pinterest

Share This