Nozomi Networks Labs
Nozomi Networks Labs is dedicated to reducing cyber risk for the world’s industrial and critical infrastructure organizations.
Through our cyber security research, and collaboration with industry and institutions, we’re helping defend the industrial systems that support everyday life.
Collaborating to Reduce ICS Cyber Risk
Nozomi Networks Labs is working with a broad range of experts, industry leaders and institutions to improve industrial cyber security.
If you’d like to work together, we’d love to hear from you!
Successful exploitation of this vulnerability could cause a denial-of-service condition in the controller when reading specific memory blocks using Modbus TC, when writing specific physical memory blocks using Modbus TCP, and when reading data with invalid index using Modbus TCP.
Successful exploitation of this vulnerability could cause a denial-of-service condition.
Successful exploitation of this vulnerability may render the device unresponsive, requiring a physical reset of the PLC (Programmable Logic Controller).
Successful exploitation of these vulnerabilities could allow a remote attacker to render the web server unavailable and/or place the controller in a major non-recoverable faulted state (MNRF).
Successful exploitation of this vulnerability could result in a denial-of-service condition that could result in a loss of availability of the affected device.
Successful exploitation of these vulnerabilities could crash the device being accessed or allow arbitrary code execution on the device.
Successful exploitation of these vulnerabilities could allow arbitrary code execution, malware injection, or malware to spread to other workstations.
Successful exploitation of these vulnerabilities may allow an attacker with local file write access to manipulate files and cause a denial-of-service-condition, or execute code both on the manipulated installation as well as devices configured using the manipulated installation.
GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi – Advisory (ICSA-18-137-01)
Successful exploitation of this vulnerability could cause the device to reboot and change its state, causing the device to become unavailable.
Successful exploitation of this vulnerability could allow a denial-of-service condition affecting the ability of the device to establish connections to commissioning and service software tools.
Exploitation may possibly cause a halt of Ethernet functionality, requiring a cold start to restore the system as well as communications related to ControlWave Designer access. This can possibly result in a loss of system availability and disruption in communications with other connected devices.
Successful exploitation of this vulnerability may render the device unresponsive requiring a physical reset of the PLC.
“Threat actors love finding new ways to attack critical infrastructure. We love finding new ways to detect their malware before damage occurs.”
© 2019 Nozomi Networks, Inc.
All Rights Reserved.