A critical vulnerability uncovered in Real-Time Automation’s (RTA) 499ES EtherNet/IP (ENIP) stack could open up the industrial control systems to remote attacks by adversaries.
RTA’s ENIP stack is one of the widely used industrial automation devices and is billed as the “standard for factory floor I/O applications in North America.”
“Successful exploitation of this vulnerability could cause a denial-of-service condition, and a buffer overflow may allow remote code execution,” the US cybersecurity and infrastructure agency (CISA) said in an advisory.
As of yet, no known public exploits have been found to target this vulnerability. However, “according to public search engines for Internet-connected devices (e.g. shodan.io) there are more than 8,000 ENIP-compatible internet-facing devices.”
Tracked as CVE-2020-25159, the flaw is rated 9.8 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012.
The stack overflow vulnerability was disclosed to CISA last month by Sharon Brizinov, a security researcher for operational technology…