Ashish Kamble of Qualys Security and Eireann Leverett have identified authentication, denial of service, and cross-site scripting vulnerabilities in GarrettCom’s Magnum 6k and Magnum 10k product lines. GarrettCom has produced new firmware versions to mitigate these vulnerabilities. Ashish Kamble has tested the newest version to validate that it resolves the vulnerabilities he reported.
These vulnerabilities could be exploited remotely.
The following GarrettCom products are affected:
- Magnum 6K product line, all versions prior to 4.5.6, and
- Magnum 10K product line, all versions prior to 4.5.6.
An attacker who exploits these vulnerabilities may be able to remotely execute arbitrary code on the target device or cause the device to reboot.
Impact to individual organizations depends on many factors that are unique to each organization. NCCIC/ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation.
GarrettCom is a US-based company that maintains offices also in Europe.
The Magnum MNS-6K Management Software provides device management for the Magnum 6K line of managed Ethernet switches. According to GarrettCom, the 6K line of switches are deployed across several sectors including Critical Manufacturing, Defense Industrial Base, Energy, Transportation Systems, and Water and Wastewater Systems. GarrettCom estimates that these products are used primarily in the United States with a small percentage in Europe and Asia, though they are available worldwide.
Источник: ICS-CERT Advisory (ICSA-15-167-01)