Article No° | Product Name | Affected Version(s) |
---|---|---|
- | FDS102 for FAdC/FAdCi | 2.10.0 <= 2.10.1 |
Frauscher Sensortechnik GmbH FDS102 for FAdC/FAdCi v2.10.1 is vulnerable to a remote code execution (RCE) vulnerability via manipulated parameters of the web interface by using an authenticated session cookie.
This vulnerability allows an remote attacker with low privileges to misuse Improper Control of Generation of Code ('Code Injection') to gain full control of the affected device.
This vulnerability may lead to a full compromise of the FDS102 device.
Mitigation
Security-related application conditions SecRAC
The railway operator must ensure that only authorised personnel or people in the company of authorised personnel have access to the Frauscher Diagnostic System FDS102.
The recommendation is to connect the Frauscher Diagnostic System FDS102 to a network of category 2. If the Frauscher Diagnostic System FDS102 is connected to a network of category 3 (according to EN 50159:2010), then additional protective measures must be added.
Remediation
Update to FDS102 v2.10.2 or higher
CERT@VDE coordinated with Frauscher Sensortechnik GmbH