ICS-CERT: Koyo Ecom100 Brute Force Cracking Tool

Wednesday, February 15, 2012

Contributed By:
Headlines

This Alert Update is a follow-up to the original ICS-CERT Alert titled “ICS-ALERT-12-020-05— Koyo Ecom100 multiple vulnerabilities” that was published January 20, 2012, on the ICS-CERT web page.

ICS-CERT is aware of a public report of multiple vulnerabilities with proof-of-concept (PoC) exploit code affecting the Koyo ECOM100 Ethernet Module. This module is used to communicate between a PLC and the control system.

This report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium (S4) on January19, 2012. Vulnerability details were released without coordination with either the vendor or ICS-CERT.

A brute force password cracking tool has been released that targets the weak authentication vulnerability in the ECOM series modules. This tool may greatly reduce the time and skill level required to attack a vulnerable system.

ICS-CERT is attempting to notify the affected vendor of the report to ask the vendor to confirm the vulnerabilities and identify mitigations. ICS-CERT is issuing this alert to provide preliminary notice of the reported vulnerable products and to begin identifying baseline mitigations that can reduce the risk of cybersecurity attacks exploiting these vulnerabilities.

The report included vulnerability details and PoC exploit code for the following vulnerabilities:

Vulnerability Type: Weak Authentication - Uses 8-byte passcode
Exploitability: Remote
Impact: Loss of Integrity

Vulnerability Type: Replay Attack
Exploitability: Remote
Impact: Loss of Integrity

Vulnerability Type: Web Server - No Authentication
Exploitability: Remote
Impact: Open Authentication / Loss of Integrity

Vulnerability Type: Web Server Buffer Overflow
Exploitability: Remote
Impact: Denial of Service

Vulnerability Type: Web Server Cross-Site Scripting (XSS)
Exploitability: Remote
Impact: Loss of Integrity

Vulnerability Type: Resource Exhaustion
Exploitability: Remote
Impact: Denial of Service and Web Server Crash

Please report any issues affecting control systems in critical infrastructure environments to ICS-CERT.

MITIGATION

ICS-CERT is currently coordinating with Koyo and the security researcher to identify useful mitigations.

The full ICS-CERT advisory can be found here:

Source: http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-05A.pdf

Share This! |

Views:	3813
Categories:	SCADA
Industries:	Industrial Control Systems
Tags:	Denial of Service SCADA cracking Authentication Vulnerabilities Proof of Concept Replay Attack Buffer Overflow Brute Force Programmable Logic Controllers Advisory ICS ICS-CERT Industrial Control Systems Reid Wightman Koyo ECOM100 Ethernet Module

Post Rating I Like this!

Comments:

You Must Register or Login to Comment

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked

Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013