Infrastructure shutdown: Delta Electronics vulnerabilities as a way to capture data center management

Brother

Attackers can get ahead of security systems and hide malicious activity.

Critical vulnerabilities in a Delta Electronics operational technology (OT) monitoring product may allow hackers to hide their actions from employees of the target organization.

The issue affects a Delta product called InfraSuite Device Master version 1.0.7 and earlier. The existence of vulnerabilities became known at the end of November, when the CISA agency and the Zero Day Initiative (ZDI) issued appropriate warnings. Delta Electronics recommends that you update your software to version 1.0.10 or later.

InfraSuite Device Master is data center infrastructure monitoring and management software that provides real-time monitoring of critical devices, including power and cooling systems, building sensors, and Industrial Control Systems (ICS), such as Programmable Logic Controllers (PLCs) and energy meters.

Four vulnerabilities were identified, two of which were rated "critical". Critical errors can be exploited by an unauthorized remote attacker to execute arbitrary code on the target system.

The remaining two high-risk vulnerabilities can be used to remotely execute code on a remote device and obtain confidential information, such as passwords in clear text.

ZDI reported that one of the critical vulnerabilities, tracked as CVE-2023-47207 (CVSS: 9.8), can be exploited over the Internet if the system is available online. Successful use of the vulnerability will allow the attacker to gain administrator privileges.

In real-world situations, an attacker can use vulnerabilities to compromise the InfraSuite Device Master and hide potentially important warnings from the operator. If an attacker uses other exploits to attack the OT system inside the victim's environment in order to cause crashes or damage, they can also hack into the Delta monitoring product to hide reports of problems in the OT system.

ZDI cited the example of the real Stuxnet attack, in which malware was designed to damage ICS systems associated with centrifuges at the Natanz nuclear facility in Iran, while trying to hide manipulations with the behavior of centrifuges.
 