SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-585433301] Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455

Date Type Platform Author EDB-ID CVE-ID OSVDB-ID Download App SIS Signature
2017-08-24OtherWestermoMandar Jadhav from Qualys Security has identified the vulnerabilities. N/ACVE-2017-1270 CVE-2017-1270 CVE-2016-5816 N/AN/AN/A

Source

						
							
								
#
# Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455
#


### VULNERABLE VENDOR
Westermo


### VULNERABLE PRODUCT
MRD-305-DIN, MRD-315, MRD-355, and MRD-455



### RESEARCHER
Mandar Jadhav from Qualys Security has identified the vulnerabilities.



### AFFECTED PRODUCTS

The following Westermo router models and firmware versions are affected:

MRD-305-DIN versions older than 1.7.5.0, and
MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0



### IMPACT

Successful exploitation of these vulnerabilities could allow a remote attacker to obtain hard-coded cryptographic keys, hard-coded credentials, or trick a user into submitting a malicious request, resulting in the attacker gaining unauthorized access to the device and running arbitrary code.



### VULNERABILITY OVERVIEW

CROSS-SITE REQUEST FORGERY (CSRF) CWE-352
The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to trick a user into making a malicious request to the server.
CVE-2017-12703 has been assigned to this vulnerability.
A CVSS v3 base score of 8.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)


USE OF HARD-CODED CREDENTIALS CWE-798
The device utilizes hard-coded credentials, which could allow for unauthorized local low privileged access to the device.
CVE-2017-12709 has been assigned to this vulnerability.
A CVSS v3 base score of 5.9 has been assigned; the CVSS vector string is (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)


USE OF HARD-CODED CRYTPGRAPHIC KEY CWE-321
The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source.
CVE-2016-5816 has been assigned to this vulnerability.
A CVSS v3 base score of 10.0 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N)





### BACKGROUND

Critical Infrastructure Sectors: Commercial Facilities, Critical Manufacturing, and Energy
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Sweden




### MITIGATION

Westermo recommends that users update to the latest firmware version 1.7.7.0. The new version can be downloaded at:

http://www.westermo.com


Westermo has also released a security advisory that can be found at:

http://www.westermo.com/solutions/cyber-security/resource-centre