September 30, 2024 at 08:30AM
Security vulnerabilities in six different Automatic Tank Gauge (ATG) systems have been disclosed, exposing them to remote attacks. Thousands of ATGs are exposed on the internet, making them a target for malicious actors. Additional flaws were found in OpenPLC, Riello NetMan 204, and AJCloud. CISA has highlighted threats to OT and ICS devices.
Based on the meeting notes, it is clear that there are critical security vulnerabilities in several Automatic Tank Gauge (ATG) systems, OpenPLC, Riello NetMan 204, and AJCloud IP camera management platform, which could lead to potential remote attacks and pose serious risks to critical infrastructure facilities.
The vulnerabilities affect various ATG models, including Maglink LX, Maglink LX4, OPW SiteSentinel, Proteus OEL8000, Alisonic Sibylla, and Franklin TS-550, with some of the flaws rated as critical in severity. Additionally, security flaws have been uncovered in the open-source OpenPLC solution, Riello NetMan 204 network communications card, and the AJCloud IP camera management platform.
Furthermore, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of continued attacks against internet-accessible operational technology (OT) and industrial control systems (ICS) devices, emphasizing the increased threats to the Water and Wastewater Systems (WWS) Sector. The warning is in response to the sanctioned attacks against critical infrastructure entities, which involved targeting and compromising publicly exposed Israeli-made Unitronics Vision Series programmable logic controllers (PLCs) through the use of default passwords.
It is important to note that the vulnerabilities in Riello NetMan 204 remain unpatched, requiring users to limit access to the devices in critical environments until a fix is made available. Similarly, the excessive deployment of remote access solutions within OT environments creates new security and operational risks for organizations, with recommendations to minimize the use of low-security remote access tools, especially those with known vulnerabilities or lacking essential security features.
Overall, the meeting notes highlight the urgent need for proactive measures to address the identified vulnerabilities and enhance the security posture of the affected systems and infrastructure.