Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 21, 2023Severity Medium Analysis Summary Rhadamanthys is a type of malware known as a stealer, which is designed to steal sensitive information from infected computers. It was […]March 21, 2023Severity High Analysis Summary The Mirai botnet is a type of malware that infects Internet of Things (IoT) devices, such as routers, security cameras, and other […]March 21, 2023Severity High Analysis Summary LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
March 21, 2023Severity Medium Analysis Summary Rhadamanthys is a type of malware known as a stealer, which is designed to steal sensitive information from infected computers. It was […]March 21, 2023Severity High Analysis Summary The Mirai botnet is a type of malware that infects Internet of Things (IoT) devices, such as routers, security cameras, and other […]March 21, 2023Severity High Analysis Summary LockBit ransomware takes as little as five minutes to deploy the encryption routine on target systems once it lands on the victim […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – CVE-2019-10712 – WAGO Series 750-88x and 750-87x Undocumented Service Access Vulnerability
April 17, 2019Rewterz Threat Advisory – CVE-2018-15317 – F5 Multiple BIG-IP Products SSL Denial of Service Vulnerability
April 17, 2019
Severity
High
Analysis Summary
Researchers have found some controllers are susceptible to a denial-of-service attack due to a flood of network packets.
Impact
Uncontrolled Resource Consumption
Affected Vendors
- ABB
- Phoenix Contact
- Schneider Electric
- Siemens
- WAGO
Affected Products
- Programmable Logic Controllers
- ABB 1SAP120600R0071 PM554-TP-ETH
- Phoenix Contact 2700974 ILC 151 ETH
- Schneider Modicon M221
- Siemens 6ES7211-1AE40-0XB0 Simatic S7-1211
- Siemens 6ES7314-6EH04-0AB0 Simatic S7-314
- Siemens 6ED1052-1CC01-0BA8 Logo! 8
- WAGO 750-889 Controller KNX IP
- WAGO 750-8100 Controller PFC100
- WAGO 750-880 Controller ETH
- WAGO 750-831 Controller BACnet/IP
Remediation
PHOENIX CONTACT
Phoenix Contact acknowledges this as a “known, won’t fix” issue for old products. Currently available products provide countermeasures to mitigate the impact on the safety-related functionality.
https://www.phoenixcontact.com/assets/downloads_ed/local_pc/web_dwl_technical_info
/ah_en_industrial_security_107913_en_01.pdf
ABB
ABB concludes the reported behavior is not a vulnerability but is due to a misconfiguration of the PLC watchdog,
SIEMENS
Siemens has investigated the vulnerability report on PLC cycle time influences and concludes the report does not demonstrate a valid vulnerability for Siemens PLCs.
WAGO
WAGO recommends users operate the devices in closed networks or protect them with a firewall against unauthorized access. Another recommended mitigation is to limit network traffic via the switch rate limit feature according to application needs.
SCHNEIDER ELECTRIC
Fixes are available in the Modicon M221 firmware v1.10.0.0 and the EcoStruxure Machine Expert – Basic v1.0 software (formerly SoMachine Basic) using either of the following options:
https://www.schneider-electric.com/en/download/document/Machine_Expert_Basic