Security News > 2020 > July > Researchers find critical RCE vulnerabilities in industrial VPN solutions
Critical vulnerabilities in several industrial VPN implementations for remotely accessing operational technology networks could allow attackers to overwrite data, execute malicious code or commands, cause a DoS condition, and more.
"Exploiting these vulnerabilities can give an attacker direct access to the field devices and cause some physical damage," Claroty researchers noted.
This situation has spurred the researchers to search for vulnerabilities in industrial VPN solutions used by remote operators and third-party vendors for accessing, maintaining and monitoring field controllers, programmable logic controllers and input/output devices deployed at oil and gas installations, water utilities and electric utilities.
These include Secomea's GateManager M2M Server, Moxa's industrial VPN servers with an all-in-one secure router, and HMS Networks's eCatcher VPN client.
Moxa's EDR-G902 and EDR-G903 series secure routers/VPN servers sport a stack-based buffer overflow bug that could lead to RCE. Finally, there's a stack-buffer overflow bug in HMS Networks' eCatcher, a proprietary VPN client that is used to connect to the company's eWon VPN device, which allows machine builders and factory owners to remotely monitor the performance of their equipment.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/3JhZ9IIxB7k/
Related news
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical vulnerabilities persist in high-risk sectors (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- D-Link urges users to retire VPN routers impacted by unfixed RCE flaw (source)