October 2, 2024 at 04:46PM
Critical security vulnerabilities with severity scores of 9.3 have been discovered in Optigo’s Spectra Aggregation Switch, potentially allowing remote attackers to inject malware into the OT network management switches running version 1.3.7 and earlier. No patches are available, and the manufacturer has issued workarounds to mitigate the vulnerabilities. The US government’s CISA advises implementing these measures to secure the system and prevent exploitation.
1. Critical security holes have been identified in Optigo’s Spectra Aggregation Switch; the vulnerabilities carry CVSS v4 severity scores of 9.3. A remote attacker can exploit them on switches running version 1.3.7 and earlier, enabling malware injection into the OT network management switches.
2. The US government’s Cybersecurity and Infrastructure Security Agency (CISA) has warned that Optigo’s vulnerable switches can be easily compromised by unauthenticated remote users. The networking gear is prevalent in critical manufacturing settings and buildings.
3. The identified flaws are CVE-2024-41925, a PHP remote-file inclusion vulnerability affecting the web-based user interface, and CVE-2024-45367, an incomplete authentication process at the web server level.
4. No patches are currently available, but Optigo has suggested a series of workarounds to mitigate the vulnerabilities, including restricting access to the web-based interface, dedicating a network interface for switch management, and making the OneView service accessible only via a secure VPN.
5. There is no current evidence of exploitation, but CISA cautions that exploitation could occur following the public release of advisories.