High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies

0
177
High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies


High-Severity Flaw Reported in Critical System Used by Oil and Gas Companies

Cybersecurity researchers have disclosed particulars of a brand new vulnerability in a system used throughout oil and fuel organizations that might be exploited by an attacker to inject and execute arbitrary code.

The vulnerability, tracked as CVE-2022-0902 (CVSS rating: 8.1), is a path-traversal vulnerability in ABB Totalflow stream computer systems and distant controllers.

“Attackers can exploit this flaw to achieve root entry on an ABB stream pc, learn and write recordsdata, and remotely execute code,” industrial safety firm Claroty stated in a report shared with The Hacker News.

ABB, a Swedish-Swiss industrial automation agency, has since launched firmware updates as of July 14, 2022, following accountable disclosure.

Flow computer systems are special-purpose digital devices utilized by petrochemical producers to interpret information from stream meters and calculate and report the quantity of drugs corresponding to pure fuel, crude oils, and different hydrocarbon fluids at a particular cut-off date.

These fuel measurements are essential not solely on the subject of course of security, however are additionally used as inputs when bulk liquid or fuel merchandise change fingers between events, making it crucial that the stream measurements are precisely captured.

In a nutshell, the vulnerability recognized by Claroty is a path traversal flaw that exists in ABB’s implementation of its proprietary Totalflow TCP protocol, which is utilized to remotely configure the computer systems.

CyberSecurity

The concern, particularly, issues a characteristic that enables for importing and exporting the configuration recordsdata, enabling an attacker to leverage an authentication bypass concern to get previous the safety passcode barrier and add arbitrary recordsdata.

By making the most of the shortcoming, a distant malicious actor may seize management of the gadgets and hamper their potential to correctly report oil and fuel stream charges.

“A profitable exploit of this concern may impede an organization’s potential to invoice prospects, forcing a disruption of providers, much like the penalties suffered by Colonial Pipeline following its 2021 ransomware assault,” Claroty researcher Vera Mens stated.

LEAVE A REPLY

Please enter your comment!
Please enter your name here