Israel National Cyber Directorate warns of critical vulnerabilities in equipment used in energy and industrial sectors
The vulnerabilities were discovered in a TCP/IP Stack called NicheStack that is included in a large number of operational components, including Siemens controllers
The vulnerabilities were discovered in a TCP/IP Stack called NicheStack that is included in a large number of operational components, including Siemens controllers and other equipment from reputable companies. The researchers estimate that there are millions of facilities in the world that contain equipment that uses the vulnerable software component. Such facilities control various production processes such as pump operations, temperature control, production line control and more. Without appropriate preventive measures, organizations and companies, mainly in the energy, industry, production and retail sectors, are potentially exposed to cyber disruption.
The research team, which consists of Israeli researchers from Forescout and JFrog Security Research, discovered the weaknesses during a study that used advanced analysis capabilities. Two of the vulnerabilities are classified as critical, ten as high risk and two as medium risk.
"The potential for a relatively easy attack, can lead to various disruptions in the production processes and even result in physical damage of environmental pollution, equipment shutdown, etc," the Directorate wrote in its warning. "Additionally, attackers can use lateral movement to damage the administrative networks through information leakage, downtime, encryption and deletion of information."
The details of the vulnerabilities were shared in advance by the Israeli research team at Forescout with the Israeli National Cyber Directorate, as part of an extensive research collaboration that is emerging between the Directorate and Forescout. The vulnerabilities were shared through a responsible disclosure procedure with the relevant manufacturers.
"The Directorate calls upon organizations that use vulnerable equipment that use this software to take immediate preventive action, and on vendors of said products to alert their customers to the risk and provide them with appropriate security updates in a timely manner," the Directorate added.