The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution.
All OpENer commits and versions prior to February 10, 2021, are affected, although there are no known public exploits that specifically target these vulnerabilities.
The four security flaws were discovered and reported to CISA by researchers Tal Keren and Sharon Brizinov from operational technology security company Claroty. Additionally, a fifth security issue identified by Claroty was previously disclosed by Cisco Talos (CVE-2020-13556) on December 2, 2020.
“An attacker would only need to send crafted ENIP/CIP packets to the device in order to exploit these vulnerabilities,” the researchers said.
CVE-2020-13556 concerns an out-of-bounds write vulnerability in the EtherNet/IP server that could allow an attacker to trigger remote code execution by sending a series of specially crafted network requests. It’s rated 9.8 out of 10 in severity.
The four other flaws disclosed to EIPStackGroup, the…