Wednesday, May 3, 2023

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

May 03, 2023Ravie LakshmananICS/SCADA Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units.

The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the CVSS scoring system for its low attack complexity.

"Successful exploitation of this vulnerability could allow remote code execution," CISA said, describing it as a case of command injection affecting versions of INEA ME RTU firmware prior to version 3.36.

Security researcher Floris Hendriks of Radboud University has been credited with reporting the issue to CISA.

Also published by CISA is an alert related to multiple known security holes in Intel(R) processors impacting Factory Automation (FA) products from Mitsubishi Electric that could result in privilege escalation and a denial-of-service (DoS) condition.

The development comes as the agency recommended critical infrastructure organizations to take necessary steps to secure the supply chains by reviewing the Federal Communications Commission's (FCC) Covered List of communications equipment that are deemed a national security risk.


Learn to Stop Ransomware with Real-Time Protection

Join our webinar and learn how to stop ransomware attacks in their tracks with real-time MFA and service account protection.

Save My Seat!

CISA has also urged entities to adopt guidance issued by NIST to identify, assess, and mitigate supply chain risks, and enroll for the agency's free Vulnerability Scanning service to pinpoint vulnerable and high-risk devices.

It further follows efforts undertaken by cybersecurity authorities in Australia, Canada, United Kingdom, Germany, Netherlands, New Zealand, and the U.S. to "take urgent steps necessary to ship products that are secure-by-design and -default."

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

from The Hacker News

No comments:

Post a Comment