TLStorm: Three Critical Vulnerabilities Affecting APC Smart-UPS Devices

Armis security researchers recently disclosed that they found three vulnerabilities in APC uninterruptible power supplies that allow remote control and manipulation of the device, such as shutting down certain outlets or using the UPS to launch attacks on other systems.

The vulnerabilities have been named TLStorm and affect APC Smart-UPS (SCL, SMX and SRT series) and SmartConnect (SMT, SMTL, SCL and SMX series) devices.

Uninterruptible Power Supply (UPS) devices provide emergency backup power for mission-critical assets and can be found in data centers, industrial facilities, hospitals and elsewhere.

APC is a subsidiary of Schneider Electric and is one of the leading vendors of UPS devices, with more than 20 million devices sold worldwide. If exploited, these vulnerabilities, dubbed TLStorm, allow a full remote takeover of Smart-UPS devices and the ability to carry out extreme cyber-physical attacks. According to Armis data, almost eight out of ten companies are exposed to the TLStorm vulnerabilities. The Armis blog post provides a high-level overview of this research and its implications.

The blog post states that two of the vulnerabilities are caused by bugs in the implementation of the TLS protocol on devices managed through Schneider Electric's centralized cloud service.

SmartConnect series devices automatically connect to the centralized cloud service at startup or after losing connectivity, and an unauthenticated attacker can exploit the vulnerabilities and gain full control of the device by sending specially crafted packets to the UPS.

  • CVE-2022-22805: Buffer overflow in the packet reassembly code used when processing incoming connections. The issue is caused by the buffering of data while fragmented TLS records are being processed. Exploitation is made easier by incorrect error handling when using the Mocana nanoSSL library: after an error is returned, the connection is not closed.
  • CVE-2022-22806: Authentication bypass when establishing a TLS session, caused by a state confusion during connection negotiation. Caching an uninitialized null TLS key and ignoring the error code returned by the Mocana nanoSSL library when a packet with an empty key is received made it possible to impersonate the Schneider Electric server without going through the authentication and key exchange stages.
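Both TLS bugs above share a defensive lesson: a record reassembler must bounds-check before it copies, and any error from the TLS layer must terminate the connection rather than leave it open for further packets. The following Python reassembler for fragmented TLS handshake messages is an added illustration written for this article; it is not Armis' proof-of-concept and not Schneider Electric or Mocana code. The 4096-byte reassembly capacity and the sample records are constructed assumptions, not values taken from the affected firmware.

```python
"""Bounded, fail-closed reassembly of fragmented TLS handshake messages.

Added illustration (not Armis', Schneider Electric's or Mocana's code).
Records carry a 5-byte header (type, version, length) and may split one
handshake message (4-byte header: type, 3-byte length) across several
records, which is where a reassembly buffer can be overrun.
"""
import struct

TLS_HANDSHAKE = 0x16
MAX_RECORD_PAYLOAD = 16384      # TLS record payload limit (2^14 bytes)
REASSEMBLY_CAPACITY = 4096      # assumed fixed device-side buffer size


class ProtocolError(Exception):
    """Malformed input; the owning connection is closed after this is raised."""


class HandshakeReassembler:
    def __init__(self, capacity=REASSEMBLY_CAPACITY):
        self.capacity = capacity
        self.buf = bytearray()    # fragments of the message being reassembled
        self.closed = False

    def feed_record(self, record: bytes):
        """Consume one TLS record; return the handshake messages it completes."""
        if self.closed:
            raise ProtocolError("connection already closed")
        try:
            return self._feed(record)
        except ProtocolError:
            self.closed = True    # fail closed: no further records are accepted
            self.buf.clear()
            raise

    def _feed(self, record: bytes):
        if len(record) < 5:
            raise ProtocolError("truncated record header")
        ctype, _version, length = struct.unpack("!BHH", record[:5])
        if ctype != TLS_HANDSHAKE:
            raise ProtocolError(f"unexpected content type {ctype:#x}")
        if length > MAX_RECORD_PAYLOAD or len(record) != 5 + length:
            raise ProtocolError("record length does not match declared length")
        fragment = record[5:]
        # Bounds check BEFORE copying: omitting this check is what makes a
        # fixed-size reassembly buffer overflowable.
        if len(self.buf) + len(fragment) > self.capacity:
            raise ProtocolError("fragments exceed reassembly capacity")
        self.buf += fragment
        return self._drain()

    def _drain(self):
        done = []
        while len(self.buf) >= 4:
            hs_type = self.buf[0]
            hs_len = int.from_bytes(self.buf[1:4], "big")
            # Reject a declared length that could never fit, before buffering more.
            if hs_len > self.capacity - 4:
                raise ProtocolError("declared handshake length exceeds capacity")
            if len(self.buf) < 4 + hs_len:
                break             # wait for the remaining fragments
            body = bytes(self.buf[4:4 + hs_len])
            del self.buf[:4 + hs_len]
            done.append((hs_type, body))
        return done


def make_record(payload: bytes) -> bytes:
    """Wrap a payload in a TLS 1.2 handshake record header (constructed data)."""
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0303, len(payload)) + payload


def make_handshake(hs_type: int, body: bytes) -> bytes:
    return bytes([hs_type]) + len(body).to_bytes(3, "big") + body


def demo_fragmented_ok():
    """A 100-byte handshake message split across two records is reassembled."""
    msg = make_handshake(1, b"\x03\x03" + b"A" * 98)   # constructed ClientHello-like body
    r = HandshakeReassembler()
    first = r.feed_record(make_record(msg[:40]))        # incomplete: returns []
    second = r.feed_record(make_record(msg[40:]))       # completes the message
    return first, second


def demo_oversized_rejected():
    """A header claiming a 1 MiB message is refused and the session is closed."""
    r = HandshakeReassembler()
    bogus = bytes([1]) + (1 << 20).to_bytes(3, "big") + b"B" * 100
    try:
        r.feed_record(make_record(bogus))
    except ProtocolError as err:
        return r, str(err)
    return r, None


if __name__ == "__main__":
    print(demo_fragmented_ok()[1])
    print(demo_oversized_rejected()[1])
```

The two properties worth keeping in any real implementation are visible in `feed_record`: the capacity check happens before the copy, and every `ProtocolError` flips `closed`, so a peer that triggered an error cannot keep feeding records into the same session.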

The third vulnerability (CVE-2022-0715) is related to an incorrect implementation of the verification of firmware downloaded for updates, and it allows an attacker to install modified firmware without a digital signature check (it turned out that no digital signature is verified for the firmware at all; only symmetric encryption with a key predefined in the firmware is used).

Combined with the CVE-2022-22805 vulnerability, an attacker could replace the firmware remotely by impersonating the Schneider Electric cloud service, or by initiating an update from the local network.

Abusing flaws in firmware update mechanisms has become a common practice of APTs, as recently detailed in the analysis of the Cyclops Blink malware, and the failure to properly sign device firmware is a recurring flaw across several systems. A previous vulnerability discovered by Armis in Swisslog PTS systems (PwnedPiper, CVE-2021-37160) was the result of a similar kind of flaw.

Having gained access to the UPS, an attacker can plant a backdoor or malicious code on the device, as well as carry out sabotage and cut power to important consumers, for example disabling the power to video surveillance systems in banks or to life-support systems.

Schneider Electric has prepared patches to fix the problems and is also preparing a firmware update. To reduce the risk of compromise, it is also recommended to change the default password ("apc") on devices with an NMC (Network Management Card), to install a digitally signed SSL certificate, and to restrict UPS access in the firewall to the addresses of the Schneider Electric cloud only.

Finally, if you are interested in learning more about this, you can check the information at the following link.
