Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights into the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Medium
An authenticated attacker can exploit a vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE software to retrieve the password for Common Industrial Protocol (CIP). The attacker can then remotely configure the affected device as an administrative user.
An unauthenticated, remote attacker can exploit a vulnerability in the web UI feature of Cisco IOS XE software to conduct a cross-site WebSocket hijacking (CSWSH) attack and cause a denial-of-service condition on an affected device.
An adjacent, unauthenticated attacker can exploit a vulnerability in DECnet protocol processing of Cisco IOS XE software to cause a denial-of-service condition on an affected device. The attacker can then remotely configure the affected device to reload and successfully cause denial-of-service conditions.
A local, authenticated attacker can exploit a vulnerability in a diagnostic command for the Plug and Play (PnP) subsystem of Cisco IOS XE software to elevate privileges to the level of an administrator on an affected Stratix 5800. The attacker can then remotely configure the affected device to disable Plug-and-Play after Express Setup has completed.
A physical, unauthenticated attacker can exploit a vulnerability in the Stratix 5800 switches to execute persistent code at boot time and break the chain of trust.
An authenticated, remote attacker can exploit a vulnerability in the web UI of the IOS XE software to execute arbitrary code with root privileges on the underlying operating system of the affected device. Admin credentials to the device are required for the attacker to exploit this vulnerability.
An authenticated, remote attacker can exploit a vulnerability in the web UI of the IOS XE software to equip themselves with read-only privileges to cause the web management software to hang and consume vty line instances. The consumption of the vty line instances results in a denial-of-service condition.
Rockwell Automation
Refer to the ICS advisory for the complete list of affected products, mitigation methods, and their respective patches.
https://us-cert.cisa.gov/ics/advisories/icsa-21-110-02
For the Stratix 5800, apply version 17.04.01 or later.