
ID

VDE-2020-040

Published

2020-10-05 14:00 (CEST)

Last update

2020-10-05 14:00 (CEST)

Vendor(s)

Pepperl+Fuchs SE

Product(s)

Article No°   Product Name        Affected Version(s)
              ES7506              all versions
              ES7506              all versions
              ES7510              all versions
              ES7510-XT           all versions
              ES7528              all versions
              ES8508              all versions
              ES8508F             all versions
              ES8509-XT           all versions
              ES8510              all versions
              ES8510-XT           all versions
              ES8510-XTE          all versions
              ES9528/ES9528-XT    all versions
              ES9528-XTv2         all versions

Summary

Several critical vulnerabilities have been identified in the firmware. Please consult the CVEs for details.

Vulnerabilities



Weakness
Hidden Functionality (CWE-912)
Summary

Active TFTP-Service

Weakness
Improper Authorization (CWE-285)
Summary

Unauthenticated Device Administration

Weakness
Use of Hardcoded Credentials (CWE-798)
Summary

Undocumented Accounts

Weakness
Cross-Site Request Forgery (CSRF) (CWE-352)
Summary

Unauthenticated Device Administration

Weakness
Improper Input Validation (CWE-20)
Summary

Multiple Authenticated Command Injections

Impact

Pepperl+Fuchs analyzed and identified affected devices.
Remote attackers may exploit multiple vulnerabilities to gain access to the device,
execute any program and tap information.

Solution

An external protective measure is required.

1) Traffic from untrusted networks to the device should be blocked by a firewall, especially
traffic targeting the administration webpage.

2) Administrator and user access should be protected by a secure password and only be
available to a very limited group of people.
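
One way to verify measure 1 after the firewall is in place, as an added example that is not part of the advisory: a Python audit of firewall flow records that reports accepted traffic reaching a switch from outside the management network, and marks TFTP and administration webpage traffic as high priority. The addresses, subnets and log format are constructed assumptions, and the ports are the default ports of those services rather than values given in the advisory.

```python
import ipaddress

# All addresses, subnets and the flow-log format are constructed for this example.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/28")]  # trusted admin workstations
SWITCHES = {ipaddress.ip_address(a) for a in ("10.20.1.10", "10.20.1.11")}
# Default ports of the services the advisory names (TFTP, administration webpage).
PRIORITY = {("udp", 69): "TFTP", ("tcp", 80): "web admin", ("tcp", 443): "web admin"}

SAMPLE_FLOWS = """\
2020-10-06T08:01:12Z ACCEPT tcp 10.20.0.5:51514 -> 10.20.1.10:443
2020-10-06T08:02:40Z ACCEPT udp 192.168.50.23:40112 -> 10.20.1.10:69
2020-10-06T08:03:02Z DROP tcp 192.168.50.23:40200 -> 10.20.1.11:80
2020-10-06T08:04:55Z ACCEPT tcp 172.16.4.9:60022 -> 10.20.1.11:80
2020-10-06T08:05:10Z ACCEPT tcp 172.16.4.9:60030 -> 10.20.9.9:80
2020-10-06T08:06:31Z ACCEPT tcp 172.16.4.9:60041 -> 10.20.1.10:22
truncated line
"""


def parse_flow(line):
    """Parse 'ts action proto src:port -> dst:port'; raise ValueError if malformed."""
    ts, action, proto, src, _arrow, dst = line.split()
    src_ip, _ = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return (ts, action, proto.lower(), ipaddress.ip_address(src_ip),
            ipaddress.ip_address(dst_ip), int(dst_port))


def find_exposures(log_text):
    """Return accepted flows that reached a switch from outside MGMT_NETS."""
    findings = []
    for line in log_text.splitlines():
        try:
            ts, action, proto, src, dst, dport = parse_flow(line)
        except ValueError:
            continue  # skip blank or malformed records
        trusted = any(src in net for net in MGMT_NETS)
        if action != "ACCEPT" or dst not in SWITCHES or trusted:
            continue
        service = PRIORITY.get((proto, dport))
        findings.append({"time": ts, "src": str(src), "dst": str(dst),
                         "service": service or f"{proto}/{dport}",
                         "priority": "high" if service else "review"})
    return findings


if __name__ == "__main__":
    for finding in find_exposures(SAMPLE_FLOWS):
        print(finding)
```

Any finding means the firewall still passes traffic from an untrusted network to a device; an empty result over a representative log window is the expected state.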

Reported by

T. Weber of SEC Consult Vulnerability Lab reported this vulnerability.
Coordinated by CERT@VDE