Innominate’s firmware updates are available on its web site at: Innominate also recommends that customers limit access to the administrative interfaces to a minimum via firewall rules.įor additional information on the vulnerability, Innominate’s security advisory is available on its web site at:
Innominate recommends that customers using firmware versions older than Version 7, which are no longer being maintained, should upgrade to mGuard firmware Version 8.1.7. Innominate has released firmware patches for the affected versions, Versions 8.0.0 through 8.1.6 that mitigate the vulnerability in the mGuard firmware. DIFFICULTYĪn attacker with a low skill would be able to exploit this vulnerability. No known public exploits specifically target this vulnerability. This vulnerability could be exploited remotely. A CVSS v2 base score of 7.8 has been assigned the CVSS vector string is (AV:N/AC:L/Au:N/C:N/I:N/A:C). It is possible to cause a temporary DoS condition on the VPN daemon on the VPN waiting side if the VPN initiating peer has the option “IPsec compression” enabled. VULNERABILITY CHARACTERIZATION VULNERABILITY OVERVIEW They can be found in many critical infrastructure sectors, including Communications, Critical Manufacturing, and Healthcare and Public Health. The affected products, the mGuard family of products, are industrial security routers. Innominate is a German-based company that sells products worldwide through its international partners. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Impact to individual organizations depends on many factors that are unique to each organization. Successful exploitation of this vulnerability could result in a DoS condition. Innominate mGuard firmware, Version 8.0.0 to Version8.1.6.The following mGuard versions are affected: Inominate has produced a patch to mitigate this vulnerability. Equipped with the respective VPN licenses, the mGuard rs4000 functions as a remote maintenance infrastructure for the secure connection of machines and plants.Innominate mGuard has self identified a denial-of-service (DoS) vulnerability in the Innominate mGuard device. To ensure software-independent remote maintenance scenarios, the mGuard rs4000 can be used as a VPN gateway for IPsec-encrypted VPN tunnels. Production installations can only be reliably protected through decentralized end-point security from sabotage and resulting production downtimes. The mGuard rs4000 is very well-suited for the decentralized protection of production cells or individual machines against manipulations. The new mGuard factory line offers high-end industrial security in the form of an extremely powerful and fail-safe product portfolio, which is also ideal for sophisticated high-availability scenarios and complex security architectures. Due to its front-side configuration memory (SD card), the mGuard rs4000 can be quickly and easily put into operation, updated and exchanged.Īs successor to the industry standard mGuard industrial rs, the mGuard rs4000 is comparable to this model not only in its space requirements on DIN rails, but also in its functionality.
The new fanless industrial security router generation mGuard rs4000 from Innominate's factory line convinces through reliable security and performance in a compact, DIN rail-mountable industrial metal casing.
0 kommentar(er)
