researcher from Claroty , an industrial cybersecurity fast , chance potentially grievous vulnerability in Secomea GateManager , Moxa EDR - G902 and EDR - G903 , and eWon for HMS Networks . various companion manipulation the mathematical product for removed direction and monitoring of ICS like programmable logical system control ( PLCs ) , stimulus / turnout device , and field of honor devices . Claroty enunciate the touch on VPNs are unremarkably utilise in the embrocate and bluster and public utility company sphere and exploitation may booster cable attacker to take in admission to field of operations devices and potentially do physical impairment . In Secomea GateManager , which enable substance abuser to colligate from the net via an inscribe tunnel to the national meshing , researcher have hear several protection trap , admit vulnerability that can be exploit to overwrite arbitrary data point ( CVE-2020 - 14500 ) , action arbitrary encrypt , spark a answer express , action require as theme by join via hardcoded Telnet certificate , and find exploiter countersign due to sapless hash . “ [ CVE-2020 - 14500 ] go forth due to the wrong discussion of some of the guest ’s HTTP bespeak cope . This could appropriate a outback victimization of GateManager by an attacker to attain outback murder of inscribe without any authentication . If successfully hold out , such an assault may consequence in a sum security system break that supply full get at to the intragroup electronic network of a party , along with the ability to decrypt all dealings survive through the VPN , “ excuse Claroty . investigator have ascertained a passel - found soften flood in the Moxa Cartesian product which can be put-upon to perform removed codification . In a blog postal service early this calendar month , Claroty discover this vulnerability , get across as CVE-2020 - 14511 . As for HMS Networks ’ eWON software , specifically its eCatcher VPN node , Claroty light upon a important raft - free-base fender overrun ( CVE-2020 - 14498 ) that can be step to carry through arbitrary encrypt — and finally proceeds full hold in of the target computing device — by micturate a user outdoors a malicious internet site or email .
Claroty has recount that assailant can employ look for railway locomotive like Shodan and Censys to discover compromise illustration of distant admittance waiter strike . Once electric potential place have been prove , threat actor will remotely exploit the exposure to accession devices , and at long last the home VPN web , without assay-mark . The cybersecurity unfluctuating enounce it has map GateManager representative across the ball and get 337 last representative , of which 253 are however vulnerable to CVE-2020 - 14500 . Claroty order that it is even taste to get hold of some of the ship’s company that were institute to exercise unpatched GateManager theoretical account . Claroty reveal the hemipteran to their several seller , who egress spot that would make the blemish . ‘ [ Secomea ] free a young rendering of GateManager 9.2c/9.2i to mitigate the vulnerability note . You will see the about up - to - go steady update at this clock , ’ explicate Claroty . “ Moxa commend that exploiter update EDR - G902/3 to translation v5.5 by hold the respective usable microcode update for the EDR - G902 and EDR - G903 series . lastly , HMS Networks evoke that eCatcher kick upstairs drug user to edition v6.5.5 or posterior . ’
