Critical Vulnerabilities Identified in OAS Platform

Home/Exploitation, Forensic Investigation, Internet Security, Security Update, Targeted Attacks, Tips/Critical Vulnerabilities Identified in OAS Platform

Critical Vulnerabilities Identified in OAS Platform

Open Automation Software (OAS) has been identified with vulnerabilities by researchers. These vulnerabilities are getting exploited by the threat actors.

OAS is a platform that allows data connection between Industrial Devices, Internet of Things, Network Points, Custom Application Interfaces, Custom Applications and databases.

Source : Official OAS Site

The above picture represents the overview of an Open Automation Software Platform. This Platform is widely used by Intel, Michelin, Volvo and several other distinguished industries.

As a result, vulnerabilities in this platform can allow a major risk (such as, Sensitive Information Disclosure and Connection Disruption) to the industrial and other sectors.

VULNERABILITIES

As reported by Cisco Talos, the most critical flaws are,

CVE-2022-26833

  • CVE Score: 9.4
  • Flaw: Improper Authentication vulnerability exists in the REST API Functionality of OAS Platform.
  • Details: A series of HTTP requests can lead to an unauthenticated use of the REST API. REST API  is designed to give programmatic access for making configuration changes and data viewing.

CVE-2022-26082

  • CVE Score: 9.1
  • Flaw: Missing Authentication for Critical Function
  • Details:  By sending a series of properly formatted configuration messages to the OAS Platform. It is possible to upload an arbitrary file to any targeted user location.
  • This allows a threat actor to upload new authorized key files to the directory from a remote location.

CVE-2022-26067

  • CVE Score: 4.9
  • Flaw: An Information Disclosure Vulnerability existing in OAS Engine Secure_Transfer_Files Function of OAS Platform.

CVE-2022-27169

  • CVE Score: 7.5
  • Flaw: An Information Disclosure Vulnerability in OAS Engine Secure_Browse_File Function of OAS Platform.

CVE-2022-26077

  • CVE Score: 7.5
  • Flaw: A Clear Text transmission of Sensitive Information Vulnerability in the OAS Engine Configuration Communication Function of OAS Platform.

CVE-2022-26026

  • CVE Score: 7.5
  • Flaw: A denial of Service Vulnerability in OAS Engine Secure_Config_Values Function of OAS Platform.

CVE-2022-26303 and CVE-2022-26043

  • CVE Score: 7.5
  • Flaw: An External Configuration Control Vulnerability in the OAS Engine Secure_Add_User Function of OAS Platform.

MITIGATION

The Mitigation steps provided by Cisco are,

  • Disable services and closing communication ports.
  • Use a dedicated user account to run the OAS Platform and ensure that user account does not have any more permissions than necessary.
  • Upgrade to the newest version released as soon as possible.
Post Views: 472
By | 2022-05-27T18:41:59+05:30 May 27th, 2022|Exploitation, Forensic Investigation, Internet Security, Security Update, Targeted Attacks, Tips|

About the Author:

FirstHackersNews- Identifies Security

Related Posts

Leave A Comment

Subscribe to our newsletter to receive security tips everday!