Summary
Products from the Edge Gateway Family are affected by recently published so called RegreSSHion vulnerability.
Impact
The vulnerability can lead to unauthenticated remote code execution.
Affected Product(s)
Model no. | Product name | Affected versions |
---|---|---|
WEG500100170 | EG500Mk2-A11001-000101 | Firmware <=v1.5.3 |
WEG500100290 | EG500Mk2-A11001-000201 | Firmware <=v1.5.3 |
WEG500100160 | EG500Mk2-A11101-000101 | Firmware <=v1.5.3 |
WEG500100280 | EG500Mk2-A12011-000101 | Firmware <=v1.5.3 |
WEG500100190 | EG500Mk2-B11001-000101 | Firmware <=v1.5.3 |
WEG500100180 | EG500Mk2-B11101-000101 | Firmware <=v1.5.3 |
WEG500100270 | EG500Mk2-C11001-000101 | Firmware <=v1.5.3 |
WEG500100260 | EG500Mk2-C11101-000101 | Firmware <=v1.5.3 |
WEG500100020 | EG503L | Firmware <=v1.5.3 |
WEG500100130 | EG503L-G | Firmware <=v1.5.3 |
WEG500100040 | EG503L_4GB | Firmware <=v1.5.3 |
WEG500100010 | EG503W | Firmware <=v1.5.3 |
WEG500100030 | EG503W_4GB | Firmware <=v1.5.3 |
WEG600100020 | EG602L | Firmware <=v1.5.3 |
WEG600100010 | EG602W | Firmware <=v1.5.3 |
WEG600100050 | EG603L Mk2 | Firmware <=v1.5.3 |
WEG600100040 | EG603W Mk2 | Firmware <=v1.5.3 |
WEG800100010 | EG802W | Firmware <=v1.5.3 |
WEG800100040 | EG802W_i7_512GB_DinRail | Firmware <=v1.5.3 |
WEG800100050 | EG802W_i7_512GB_w/o DinRail | Firmware <=v1.5.3 |
WEG800100020 | EG804W | Firmware <=v1.5.3 |
Vulnerabilities
Expand / Collapse allA security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Mitigation
Disable SSH Access via CLI Command or Config Import locally or for a centrally managed device by changing the configuration in SMART EMSRefer to eG OS manual chapter 4.26 for further information
Remediation
Update egOS on affected products to version v1.5.4
Acknowledgments
Welotec GmbH thanks the following parties for their efforts:
- CERT@VDE for coordination (see https://certvde.com )
- Qualys Threat Research Unit (TRU) for reporting
Revision History
Version | Date | Summary |
---|---|---|
1 | 22.08.2024 08:00 | Initial revision. |