Security News > 2020 > February > Touch panels deployed in critical infrastructure vulnerable to remote attacks
Manufacturing facilities and processing centers using AutomationDirect C-more Touch Panels are advised to upgrade their firmware ASAP, as older versions contain a high-risk vulnerability that may allow attackers to get account information such as usernames and passwords, obscure or manipulate process data, and lock out access to the device.
Manufactured by US-based AutomationDirect, the vulnerable C-more Touch Panels EA9 series are human-machine interfaces capable of communicating with a wide variety of programmable logic controllers.
CVE-2020-6969, reported by Joel Langill of Amentum Mission Engineering & Resilience, is a vulnerability that could allow attackers "To unmask credentials and other sensitive information on 'unprotected' project files, which may allow them to remotely access the system and manipulate system configurations."
The vulnerability can be exploited remotely without authentication or user interaction, may affect confidentiality, integrity and availability of the system, and requires a low skill level to exploit.
Control system devices and/or systems should, in general, not be accessible from the internet, CISA recommends, and control system networks and remote devices should be located behind firewalls and isolated from the business network.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/5XkMWjY2KtM/
Related news
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Critical bug in EoL D-Link NAS devices now exploited in attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-05 | CVE-2020-6969 | Insufficiently Protected Credentials vulnerability in Automationdirect products It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations. | 9.8 |