Share: Email | Twitter

ID

VDE-2023-028

Published

2023-08-07 11:35 (CEST)

Last update

2023-08-07 11:35 (CEST)

Vendor(s)

AUMA Riester GmbH & Co. KG

Product(s)

Article No° Product Name Affected Version(s)
- SIMA² Master Station < V 2.6

Summary

Forescout Research Labs, partnering with JSOF Research, disclosed NAME:WRECK, a set of Domain Name System (DNS) vulnerabilities that have the potential to cause either Denial of Service (DoS) or Remote Code Execution, allowing attackers to take targeted devices offline or to gain control over them. The vulnerability could be exploited by an attacker on the same network or on a remote network by spoofing packets.


Last Update:

July 31, 2023, 3:47 p.m.

Weakness

Out-of-bounds Write  (CWE-787) 

Summary

** UNSUPPORTED WHEN ASSIGNED ** A DNS client stack-based buffer overflow in ipdnsc_decode_name() affects Wind River VxWorks 6.5 through 7. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.


Impact

This vulnerability may lead to a Denial of Service (DoS) or arbitrary code execution on affected SIMA² Master Stations. This may allow an adversary to take the device offline or to take over control of the device.

Solution

Mitigation

In case you cannot upgrade your SIMA² Master Station to software Version 2.6 or above, it is recommended to configure the use of internal DNS servers only and block external DNS traffic where possible. It is also recommended to segment networks and shield affected devices from untrusted networks, e.g., using firewalls. Network intrusion detection mechanisms can be used to filter malicious packets.

Remediation

The described vulnerabilities have been fixed in the SIMA² Master Stations with software version V 2.6 or higher. SIMA² Master Stations with software versions < V 2.6 can be upgraded. AUMA recommends applying a product update at the earliest convenience.

Reported by

CERT@VDE coordinated with AUMA.