SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-118162133] Belden Hirschmann GECKO

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-01-26OtherBeldenDavy Douhine of RandoriSec identified this vulnerability. N/ACVE-2017-5163 N/AN/AN/A

Source

						
							
								
#
# Belden Hirschmann GECKO
#


### VULNERABLE VENDOR
Belden


### VULNERABLE PRODUCT
Hirschmann GECKO



### RESEARCHER
Davy Douhine of RandoriSec identified this vulnerability.



### AFFECTED PRODUCTS

The following GECKO switch versions are affected:

Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions.



### IMPACT

Successful exploitation of this vulnerability may allow a remote attacker to access a copy of the configuration file of an affected device without authenticating, exposing sensitive information.



### VULNERABILITY OVERVIEW

PATH TRAVERSAL CWE-22
After an administrator downloads a configuration file, a copy of the configuration file, which includes hashes of user passwords, is saved to a location that is accessible without authentication.
CVE-2017-5163 has been assigned to this vulnerability.
A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)





### BACKGROUND

Critical Infrastructure Sector(s): Multiple sectors
Countries Deployed: Worldwide
Company Headquarters Location: St. Louis, Missouri.




### MITIGATION

Belden has released a new software version, Version 02.0.01, to address the identified vulnerability, which is available at the following location:

https://www.e-catalog.beldensolutions.com/link/57078-24455-402707-402708/en/conf/0


Belden recommends that users update to the newest software version. As an interim compensating control, Belden specifies that users can reboot affected devices after each configuration download, preventing the vulnerable state.



For additional information, please review Belden's security bulletin, BSECV-2016-5, which is available at the following location:

https://www.belden.com/resourcecenter/security/upload/Belden-Security-Bulletin-BSECV-2016-5.pdf