Oct 09, 2024
Ravie Lakshmanan
Industrial Security / Critical Infrastructure
Discover the latest security vulnerabilities in industrial protocol implementations that could have severe impacts on critical infrastructure.
Researchers from Claroty have uncovered critical weaknesses in the Manufacturing Message Specification (MMS) protocol, which, if exploited, can lead to crashes or remote code execution on industrial devices.
MMS, an OSI application-layer messaging protocol, is used to remotely control and monitor industrial devices: it exchanges control information in an application-agnostic manner and is the protocol that IEC 61850 client/server communication is mapped onto, which is why the affected code is IEC 61850 libraries.
The vulnerabilities affect MZ Automation's libIEC61850 library and Triangle MicroWorks' TMW IEC 61850 library; both vendors patched them after responsible disclosure.
- CVE-2022-2970 – A stack-based buffer overflow vulnerability in libIEC61850
- CVE-2022-2971 – A type confusion vulnerability in libIEC61850
- CVE-2022-2972 – Another stack-based buffer overflow vulnerability in libIEC61850
- CVE-2022-2973 – A null pointer dereference vulnerability in libIEC61850
- CVE-2022-38138 – An access of uninitialized pointer vulnerability in the TMW IEC 61850 library
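All five CVEs are memory-safety classes in code that parses untrusted PDUs, and MMS PDUs are ASN.1 BER encoded, so the recurring shape is a length field read from the wire and trusted. The C below is an added illustration of that pattern beside its bounds-checked counterpart; it is not code from libIEC61850 or the Triangle MicroWorks library and does not reproduce the root cause of any CVE listed above. The tag byte (assumed to be the MMS visible-string context tag), the 32-byte buffer and the sample PDUs are constructed for the example.

```c
/* Illustrative BER TLV string parser: "length from the wire, never compared
 * with the destination" beside a checked version. Added example; not code
 * from libIEC61850 or the TMW library, and not any listed CVE's root cause.
 * Tag value, buffer size and sample PDUs are constructed for this example. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define VISIBLE_STRING_TAG 0x8A   /* context tag [10], MMS visible-string (assumed) */
#define STRING_BUF 32             /* fixed stack buffer the unchecked parser fills */

/* Decode the BER length field at msg[pos]. Returns bytes consumed, or 0 if
 * the field is truncated, indefinite (0x80) or wider than size_t. */
static size_t ber_read_length(const uint8_t *msg, size_t msglen, size_t pos, size_t *out_len)
{
    if (pos >= msglen) return 0;
    uint8_t b = msg[pos];
    if (b < 0x80) { *out_len = b; return 1; }   /* short form: one byte */
    size_t n = b & 0x7F;                        /* long form: n length bytes follow */
    if (n == 0 || n > sizeof(size_t)) return 0;
    if (n > msglen - pos - 1) return 0;
    size_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | msg[pos + 1 + i];
    *out_len = v;
    return 1 + n;
}

/* Vulnerable shape: the decoded length drives memcpy into a STRING_BUF-byte
 * buffer with no comparison against that size or the bytes actually present.
 * A crafted length (e.g. 200) is a stack-based buffer overflow here, so this
 * function is only ever called on the benign sample. */
int parse_unchecked(const uint8_t *msg, size_t msglen, char dst[STRING_BUF])
{
    size_t len, used;
    if (msglen < 2 || msg[0] != VISIBLE_STRING_TAG) return -1;
    used = ber_read_length(msg, msglen, 1, &len);
    if (used == 0) return -1;
    memcpy(dst, msg + 1 + used, len);   /* BUG: len unchecked against STRING_BUF and msglen */
    dst[len] = '\0';                    /* BUG: terminator lands past the buffer when len >= 32 */
    return (int)len;
}

/* Hardened version: rejects a length that exceeds the bytes remaining in the
 * PDU (truncated) or that would not fit in dst together with its terminator. */
int parse_checked(const uint8_t *msg, size_t msglen, char *dst, size_t dstcap)
{
    size_t len, used;
    if (msglen < 2 || msg[0] != VISIBLE_STRING_TAG || dstcap == 0) return -1;
    used = ber_read_length(msg, msglen, 1, &len);
    if (used == 0) return -1;
    size_t hdr = 1 + used;
    if (len > msglen - hdr) return -1;  /* claims more content than was received */
    if (len >= dstcap) return -1;       /* would overrun dst (room for NUL needed) */
    memcpy(dst, msg + hdr, len);
    dst[len] = '\0';
    return (int)len;
}

/* Bytes the unchecked parser would copy for this PDU, without copying. */
long claimed_length(const uint8_t *msg, size_t msglen)
{
    size_t len, used;
    if (msglen < 2) return -1;
    used = ber_read_length(msg, msglen, 1, &len);
    return used ? (long)len : -1;
}

/* Build tag / short-form length / n bytes of 'A' (n < 128). Returns PDU size. */
size_t build_string_msg(uint8_t *out, size_t outcap, size_t n)
{
    if (n >= 128 || outcap < n + 2) return 0;
    out[0] = VISIBLE_STRING_TAG;
    out[1] = (uint8_t)n;
    memset(out + 2, 'A', n);
    return n + 2;
}

/* Constructed sample PDUs, not captured traffic. */
const uint8_t BENIGN_MSG[]     = { VISIBLE_STRING_TAG, 0x05, 'I', 'E', 'D', '0', '1' };
const uint8_t TRUNCATED_MSG[]  = { VISIBLE_STRING_TAG, 0x81, 0xC8 };  /* claims 200 bytes, carries none */
const uint8_t INDEFINITE_MSG[] = { VISIBLE_STRING_TAG, 0x80 };        /* indefinite length: invalid for a primitive string */
const size_t BENIGN_LEN = sizeof BENIGN_MSG, TRUNCATED_LEN = sizeof TRUNCATED_MSG, INDEFINITE_LEN = sizeof INDEFINITE_MSG;

int main(void)
{
    char buf[STRING_BUF];
    uint8_t big[64];
    size_t biglen = build_string_msg(big, sizeof big, 48);   /* 48 bytes present, 32-byte buffer */

    printf("benign, unchecked : %d \"%s\"\n", parse_unchecked(BENIGN_MSG, BENIGN_LEN, buf), buf);
    printf("benign, checked   : %d \"%s\"\n", parse_checked(BENIGN_MSG, BENIGN_LEN, buf, sizeof buf), buf);
    printf("truncated : checked=%d, unchecked would copy %ld bytes into %d\n",
           parse_checked(TRUNCATED_MSG, TRUNCATED_LEN, buf, sizeof buf),
           claimed_length(TRUNCATED_MSG, TRUNCATED_LEN), STRING_BUF);
    printf("oversized : checked=%d, unchecked would copy %ld bytes into %d\n",
           parse_checked(big, biglen, buf, sizeof buf), claimed_length(big, biglen), STRING_BUF);
    printf("indefinite: checked=%d\n", parse_checked(INDEFINITE_MSG, INDEFINITE_LEN, buf, sizeof buf));
    return 0;
}
```

The checked parser rejects three inputs the unchecked one accepts: a length that exceeds the bytes actually received, a length that exceeds the destination buffer, and an indefinite or over-wide length encoding. `claimed_length()` shows what the unchecked path would have copied without executing the overflow, which is the safe way to examine a crafted PDU in a harness.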
Additionally, Siemens' SIPROTEC 5 IED was found to rely on an outdated version of the MMS-EASE stack, exposing it to a denial-of-service condition. Siemens has since released updated firmware to address the issue.
The findings underscore the need to bring legacy industrial protocol implementations up to modern security standards, and to follow hardening guidance from organizations such as CISA, since the protocol itself offers no defense against a crafted PDU once the parser is reachable.
Recent discoveries in other protocols, such as ESP-NOW and OpenFlow, likewise highlight the risk that unpatched protocol implementations pose to industrial and connected systems.