• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Covid-19 Threat Actors Impersonating CDC, WHO
March 31, 2020
Rewterz Threat Alert – New Zero Days in Zoom Allow Session Hijack
April 2, 2020

Rewterz Threat Advisory – ICS: Hirschmann Automation and Control HiOS and HiSecOS Products

April 1, 2020

Severity

High

Analysis Summary

CVE-2020-6994 – A vulnerability in the HTTP(S) web server of HiOS and HiSecOS devices could allow an unauthenticated, remote actor to overflow a buffer and fully compromise the target device. 
The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. 

Impact

Full compromise of target device

Affected Vendors

Hirschmann Automation and Control GmbH

Affected Products

The following devices using HiOS Version 07.0.02 and lower are affected: RSP
RSPE
RSPS
RSPL
MSP
EES
EESX
GRS
OS
RED
The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30

Remediation

  • Hirschmann recommends updating HiOS products to Version 07.0.03 or higher and HiSecOS products to Version 03.3.00 or higher.
  • Hirschmann also recommends, as a workaround, users either use the “IP Access Restriction” feature to restrict HTTP and HTTPS to trusted IP addresses, or disable the HTTP and HTTPS server.
  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.