Sewio, InHand Networks, Sauter Controls, and Siemens products are all affected by severe security issues, according to several Industrial Control Systems (ICS) warnings published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
The most serious vulnerability affects Sewio’s RTLS Studio, which CISA states may be used by an attacker to “get unauthorized access to the server, modify information, cause a denial-of-service issue, acquire escalation privileges, and execute arbitrary code.”
This includes CVE-2022-45444 (CVSS score: 10.0), a vulnerability in which the application database contains hard-coded passwords for a subset of users that could allow remote attackers unrestricted access.
An out-of-bounds write vulnerability (CVE-2022-41989, CVSS score: 9.1) and two command injection issues (CVE-2022-47911 and CVE-2022-43483, CVSS scores: 9.1) that might lead to a denial-of-service scenario or code execution are also noteworthy.
The flaws affect versions of RTLS Studio 2.0.0 through to and including version 2.6.2. Therefore, users are advised to upgrade to 3.0.0 or later.
In a subsequent warning, CISA drew attention to a group of five security flaws in InHand Networks InRouter 302 and InRouter 615, among them CVE-2023-22600 (CVSS score: 10.0), which might result in command injection, information leakage, and code execution.
The agency warned that if these flaws were correctly linked, an unauthorized remote user might ultimately compromise any InHand Networks device controlled by the cloud.
There are problems in all InRouter 302 and InRouter 615 firmware versions before IR302 V3.5.56 and IR6XX-S-V2.3.0.r5542, respectively.
Additionally, security flaws have been identified in Sauter Controls Nova 220, Nova 230, Nova 106, and moduNet300 that might enable remote code execution and unauthorized access to sensitive information (CVE-2023-0053, CVSS score: 7.5). (CVE-2023-0052, CVSS score: 9.8).
Though the product line is no longer maintained, the Swiss-based automation business does not intend to produce remedies for the flaws that have been found.
Last, the security organization reported an XSS vulnerability in Siemens Mendix SAML hardware (CVE-2022-46823, CVSS score: 9.3) that might allow a threat actor to get sensitive information by fooling users into opening a carefully designed link.
Users are urged to upgrade Mendix SAML to versions 2.3.4 (Mendix 8), 3.3.8 (Mendix 9, Upgrade Track), or 3.3.9 (Mendix 9, New Track) to reduce risks.
MANAGED CYBERSECURITY SOLUTIONS
Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.
About Rhyno Cybersecurity Services
Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.
Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.