Shulou(Shulou.com)05/31 Report--

This article mainly analyzes the relevant knowledge points of Emerson how to repair high-risk vulnerabilities in OpenEnterprise SCADA Server, the content is detailed and easy to understand, the operation details are reasonable, and has a certain reference value. If you are interested, you might as well follow the editor and learn more about "how Emerson fixes high-risk vulnerabilities in OpenEnterprise SCADA Server".

The U.S. Department of Homeland Security's Bureau of Cyber Security and Infrastructure Security (CISA) issued a security bulletin on Feb. 18, alerting users to a high-risk vulnerability in Emerson's OpenEnterprise SCADA Server.

Emerson is a diversified global manufacturer covering process management, industrial automation, network energy, environmental technology and commercial and residential solutions.

The vulnerability was reported to Emerson by Kaspersky ICS CERT researcher Roman Lozko. The vulnerability number is CVE-2020-6970dCVSS v3 with a base score of 8.1 and the vulnerability type is a heap-based buffer overflow.

Successful exploitation could allow remote attackers to execute arbitrary code on OpenEnterprise SCADA Server. CVE-2020-6970 affects the OpenEnterprise3.1 version up to 3.3.3, and OpenEnterpriseServer version 2.83 is affected only if the Modbus or ROC interface is installed and the interface is in use.

Emerson fixes this vulnerability in OpenEnterprise 3.3 service pack 4 (3.3.4) and recommends that users upgrade to the latest version as soon as possible.

CISA in the United States also recommended in the announcement that users take the following defensive measures to minimize the risk of vulnerability exploitation.

Minimize network exposure to all control system devices and systems and ensure that they are not accessible from the Internet

Determine the location of the control system network and remote devices behind the firewall and isolate them from the business network

When remote access is required, use a secure method, such as VPN, but be aware that VPN may contain vulnerabilities, update to the latest available version, and realize that VPN is secure only if the connected device is secure.

CISA also reminds users to conduct appropriate impact analysis and risk assessment before deploying defense measures.

This is the end of the introduction on "how Emerson fixes high-risk vulnerabilities in OpenEnterprise SCADA Server". More related content can be searched for previous articles, hoping to help you answer questions and questions, please support the website!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.