The vulnerabilities could allow an attacker to crash an industrial device or in some cases, enable remote code execution," Claroty researchers Mashav Sapir and Vera Mens said in a new analysis. This highlights the severity and potential consequences of the identified vulnerabilities, indicating how attackers could gain significant control over industrial systems, which are critical to operations.
MMS is an OSI application layer messaging protocol that enables remote control and monitoring of industrial devices by exchanging supervisory control information in an application-agnostic manner. The importance of this protocol in facilitating communication between intelligent electronic devices and supervisory control and data acquisition systems cannot be overstated. Its vulnerabilities can disrupt this essential communication.
The five shortcomings identified by the operational technology security company impact MZ Automation's libIEC61850 library and Triangle MicroWorks' TMW IEC 61850 library, and were patched in September and October 2022 following responsible disclosure. This reveals the proactive measures taken by the companies once vulnerabilities were discovered, but also underscores the need for constant vigilance in maintaining security.
Claroty's analysis also found that Siemens SIPROTEC 5 IED relied on an outdated version of SISCO's MMS-EASE stack for MMS support, which is susceptible to a DoS condition via a specially crafted pack. This emphasizes how outdated software can leave systems vulnerable to attacks and illustrates the importance of regularly updating systems to mitigate security risks.
#mms-protocol #security-vulnerabilities #industrial-control-systems #cybersecurity #claroty-analysis
Collection
[
|
...
]