Security restrictions bypass in Schweitzer Engineering Laboratories SEL-3620 and SEL-3622



Published: 2017-07-12
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-7928
CWE-ID CWE-284
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
SEL-3622
Hardware solutions / Routers & switches, VoIP, GSM, etc

SEL-3620
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Schweitzer Engineering Laboratories, Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Security restrictions bypass

EUVDB-ID: #VU7476

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7928

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass security restrictions.

The weakness exists due to improper enforcing of access control while configured for NAT port forwarding. A remote attacker can use unauthorized communications to downstream devices.

Mitigation

Install update from vendor's website.

Vulnerable software versions

SEL-3622: R202 - R204-V1

SEL-3620: R202 - R204-V1

External links

http://ics-cert.us-cert.gov/advisories/ICSA-17-192-06


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###