Rewterz Threat Alert – Targeted Attacks on Oil and Gas Supply Chain Industries in the Middle East
October 1, 2020Rewterz Threat Alert – Malicious Cyber Activity in an Enterprise Network
October 1, 2020Severity
Medium
Analysis Summary
CVE-2020-11641
An authenticated adversary can read service configuration and other sensitive information and abuse this information for malicious activities on SiteManager instances.
CVE-2020-11642
An authenticated adversary can repeatedly trigger a restart of SiteManager instances, thus limiting availability.
CVE-2020-11643
An authenticated adversary can gather information about devices belonging to a foreign organization and abuse this information for malicious activities.
CVE-2020-11644
An authenticated adversary can fool users of foreign domains with fictional audit messages/alerts of their choice.
CVE-2020-11645
An authenticated adversary can repeatedly trigger a restart of GateManager instances, thus limiting their availability.
CVE-2020-11646
An authenticated adversary can view information about all devices belonging to their domain and abuse this information for malicious activities.
Impact
- Information disclosure
- Denial-of-service
Affected Vendors
B&R Industrial Automation GmbH
Affected Products
- SiteManager all versions prior to v9.2.620236042
- GateManager 4260 and 9250 all versions prior to v9.0.20262
- GateManager 8250 all versions prior to v9.2.620236042
Remediation
Users are advised to update to the fixed versions:
- SiteManager v9.2.620236042
- GateManager 4260 and 9250 v9.0.20262
- GateManager 8250 v9.2.620236042