-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Denial-of-Service Vulnerability in StationGuard device image 1.00.0048 - ------------------------------------------------------------------------ Security Advisory ID: OSA-1 Release Date: 2023-11-22 Revision: 1.1 OMICRON Product Security Team | security@omicronenergy.com Summary - ------------------------------------------------------------------------ The client interface of StationGuard device image version 1.00.0048 is affected by a vulnerability in a 3rd party component that may allow a remote attacker to cause a denial-of-service of the device. Multiple specially crafted TCP packets sent to port 20499 of the device can lead to a denial-of-service situation, so that StationGuard clients cannot connect to the device anymore. This vulnerability only affects the CTRL Ethernet port of the device. The other Ethernet interfaces (STATION) are not affected. The intrusion detection engine is not affected, alerts are continued to be logged and stored. Running Syslog (SIEM) connections are not affected, alerts are continued to be sent out. Affected OMICRON Products - ------------------------------------------------------------------------ > StationGuard Image 1.00.0048 Vulnerability Classification - ------------------------------------------------------------------------ > CVE-2021-30464 > CWE-400: Uncontrolled Resource Consumption > Base Score: 7.5 > Risk Class: High > Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Security Advisory - ------------------------------------------------------------------------ Mitigation: OMICRON has released StationGuard device image version 1.10.0056 together with the Control Software version 1.10.46.0 in November 2020 that remediates this vulnerability. It is strongly recommended that customers currently using the affected versions install the latest update available on the customer portal (registration required) as soon as possible to ensure the security of their system.\n\nMore information about StationGuard and StationScout, including the link to download them, can be found on https://www.omicronenergy.com/en/products/stationguard/ Workaround: Always use the latest version of StationGuard. Furthermore, it is recommended to protect the TCP port 20499 against unauthorized access via firewall rules and/or VPN solutions. Acknowledgments - ------------------------------------------------------------------------ This vulnerability has been discovered during a penetration test by our internal penetration testing and security analysis team. A related third-party vulnerability was reported and patched as a result of a coordinated disclosure. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEkPJvkWGGIuqv8Qag8BT0uMcuyBgFAmVdlBUACgkQ8BT0uMcu yBg26Q//RENdkSl+tNF7+Echr0ViQL8vsz4jscA+vwRGTUzj5gceE5266EbvWoUa XL8F7ShMO4VpSjkv9buOuIL4mHJ5ZXaw9m8G+HUQQIxO3K7VrQlmLrvmAwhFVu9Q ScsKA0SSeiuaT2CPs3cgj6q6FsdYFkIWauzXeSLUuNJSMafk4LbRd2+Wc64xg78K Ua2KucQDaRzVsbQ02HIRgxnb0/7ceheGZZ/k3cMaI3ReeXgMy2GPUH3PJG5bMX7r QVQvC0JCzgdNOUbYp/vyPuAzZ3qmicKhaUuYm/gjKWNH8DRH6N7jRTyEWPfiV56Q isaZu4vR4j4uaKnCORxyBe9yMZg3Zavq32fEFHfoY4BYZydIdDJcdbvXusipH9pp Xo16LfzE8pjOh0MUY8zzHqio+IGn19D9kQCO4u5dgx+7La0/oHjSu8T+eCEpl9Qp utMEEckI4JW6d08fspokdVN/vQoBuntiNYVOo0U2GSkug+G7N+936M9K28o8NYzr +Mhxc/9aCeXzA3jfZuH4LVtEtuarZ23aXqqPwIge7UG4LUfEks+ifhMqFquF/ftA IfFFQViR9Un9jFV1REvhbr7qQgFopdSxAgYnbKN1v92DeiqG4rYrbqN+ANpZFlqh 8kLdeMSAfWtqMILAyFv5dE1/minQranFWf61TYj/bbEVzLSBjfM= =XTn3 -----END PGP SIGNATURE-----