| Article No° | Product Name | Affected Version(s) |
|---|---|---|
| - | SIMA² Master Station | < V 2.6 |
Forescout Research Labs, partnering with JSOF Research, disclosed NAME:WRECK, a set of Domain Name System (DNS) vulnerabilities that have the potential to cause either Denial of Service (DoS) or Remote Code Execution, allowing attackers to take targeted devices offline or to gain control over them. The vulnerability could be exploited by an attacker on the same network or on a remote network by spoofing packets.
** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability may lead to a Denial of Service (DoS) or arbitrary code execution on affected SIMA² Master Stations. This may allow an adversary to take the device offline or to take over control of the device.
Mitigation
In case you cannot upgrade your SIMA² Master Station to software Version 2.6 or above, it is recommended to configure the use of internal DNS servers only and block external DNS traffic where possible. It is also recommended to segment networks and shield affected devices from untrusted networks, e.g., using firewalls. Network intrusion detection mechanisms can be used to filter malicious packets.
Remediation
The described vulnerabilities have been fixed in the SIMA² Master Stations with software version V 2.6 or higher. SIMA² Master Stations with software versions < V 2.6 can be upgraded. AUMA recommends applying a product update at the earliest convenience.
CERT@VDE coordinated with AUMA.