SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-826342648] IRZ RUH2 3G Firmware Overwrite Vulnerability

| Date | Type | Platform | Author | EDB-ID | CVE-ID | OSVDB-ID | Download App | SIS Signature |
|---|---|---|---|---|---|---|---|---|
| 2016-05-17 | OTHER | RUH2 | NCCIC/ICS-CERT | N/A | 2016-2309 | N/A | N/A | N/A |

Source
#
# IRZ RUH2 3G Firmware Overwrite Vulnerability
#


### OVERVIEW

NCCIC/ICS-CERT has identified a firmware overwrite vulnerability in iRZ's RUH2 device. iRZ has discontinued this product and no longer offers support.

This vulnerability could be exploited remotely. Exploits that target this vulnerability are known to be publicly available.




### AFFECTED PRODUCTS

The following iRZ product is affected:

RUH2




### IMPACT

An attacker could corrupt the firmware of the serial-to-Ethernet converters employed for substation communications and network routers.

Impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation.




### BACKGROUND

iRZ is a Russia-based company that maintains offices in several countries around the world, including China, Iran, Ukraine, Kazakhstan, France, Belgium, Switzerland, Italy, and Spain.

The affected product, RUH2, is a serial-to-network connector system. According to iRZ, RUH2s are deployed across several sectors including Commercial Facilities, Communications, Financial Services, Healthcare and Public Health, and others. iRZ estimates that this product is used primarily in Eastern Europe.




### VULNERABILITY CHARACTERIZATION


# VULNERABILITY OVERVIEW

UNRESTRICTED UPLOAD OF FILE

Authorized users can remotely update the firmware with an unvalidated patch.
CVE-2016-2309 has been assigned to this vulnerability. A CVSS v3 base score of 6.1 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H).




### VULNERABILITY DETAILS


# EXPLOITABILITY

This vulnerability could be exploited remotely.


# EXISTENCE OF EXPLOIT

Exploits that target this vulnerability are publicly available.


# DIFFICULTY

An attacker with low skill would be able to exploit this vulnerability.




### MITIGATION

iRZ recommends users replace the RUH2 with either the RUH2b or RUH3. Additional information on this vulnerability is available at:

http://www.irz.net/en/support