VDE-2024-012 | CERT@VDE

2024-07-09 09:00 (CEST) VDE-2024-012

ifm: Vulnerabilities in ifm AC14 firmware

Share: Email | Twitter

ID

VDE-2024-012

Published

2024-07-09 09:00 (CEST)

Last update

2024-07-08 11:28 (CEST)

Vendor(s)

ifm electronic GmbH

Product(s)

Article No°	Product Name	Affected Version(s)
	Smart PLC AC14xx Firmware	<= V4.3.17
	Smart PLC AC4xxS Firmware	<= V4.3.17

Summary

In ifm Smart PLC firmware up to version 4.3.17 for Smart PLC controllers AC14xx and AC4xxS, an attacker can access the configuration by using the hardcoded credentials. The endpoint hosts a scripts capable of executing various commands.

Vulnerabilities

CVE-2024-28747

9.8

Last Update

18. April 2024 11:50

Severity

9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Weakness

Use of Hard-coded Credentials (CWE-798)

Summary

An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.

Details

cert.vde.com

CVE-2024-28751

9.1

Last Update

4. Juli 2024 11:56

Severity

9.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

Weakness

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Summary

An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.

Details

cert.vde.com

CVE-2024-28750

7.2

Last Update

4. Juli 2024 11:56

Severity

7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Weakness

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Summary

A remote attacker with high privileges may use a deleting file function to inject OS commands.

Details

cert.vde.com

CVE-2024-28749

7.2

Last Update

4. Juli 2024 11:55

Severity

7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Weakness

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Summary

A remote attacker with high privileges may use a writing file function to inject OS commands.

Details

cert.vde.com

CVE-2024-28748

7.2

Last Update

4. Juli 2024 11:55

Severity

7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Weakness

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Summary

A remote attacker with high privileges may use a reading file function to inject OS commands.

Details

cert.vde.com

Impact

Please see the CVE description.

Solution

Mitigation

When using automation components, make sure that no unauthorized access can take place. Addition measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.

Remediation

Update to Firmware Version 6.1.8 or later.

Reported by

CERT@VDE coordinated with ifm

The vulnerability was reported by Logan Carpenter from Dragos.