Claroty and Schneider Electric have announced mitigations for four vulnerabilities in Schneider Electric's Modicon M221 programmable logic controller (PLC), as well as the EcoStruxure Machine Expert Basic.
The M221 is a device that provides basic automation capabilities for machines, and it is often found in industrial sectors such as energy and manufacturing.
The unmitigated vulnerabilities could give an attacker access to the device, enabling the attacker to break encryption, modify code, and run certain commands.
Claroty researchers Yehuda Anikster and Rei Henigman explain that the attacker would need to have already gained access to an operational technology (OT) network to exploit these vulnerabilities, and would also need to capture traffic between the PLC and EcoStruxure Machine Expert Basic.
Claroty acknowledges that Schneider Electric does what it can to keep the Modicon M221 secure with password hashes, server-side authentication and stronger encryption.
However, Schneider Electric's efforts have not been flawless - Anikster and Henigman describe these as ‘shortcomings'.
The four most recent vulnerabilities include:
- CVE-2020-7565 (Related CWE-326: Inadequate Encryption Strength)
- CVE-2020-7566 (Related CWE-334: Small Space of Random Values)
- CVE-2020-7567 (Related CWE-311: Missing Encryption of Sensitive Data)
- CVE-2020-7568 (Related CWE-200: Exposure of Sensitive Information to an Unauthorised Actor)
Researchers explain that an attacker could capture traffic between the PLC and EcoStruxure Machine Expert Basic - traffic that could include upload and download data, as well as successful authentications. The data is encrypted using a four-byte XOR key, which is considered to be a weak method of encryption.
An XOR key can be exploited through known-plaintext attacks and statistical analysis.
“ta such as read-write password hashes is transferred using the weak encryption mechanism, and therefore can be extracted and passed in Pass-the-Hash attacks to authenticate an attacker to the PLC. This works because only the hash is used in authentication exchanges. From there, an attacker can execute privileged commands, such as uploading malicious updates or code to a PLC or downloading information from the device,” the researchers explain.
Furthermore, there are also cryptographic implementation vulnerabilities located within the key exchange mechanism, which is designed in a way that makes decryption possible if an attacker used a brute force or rainbow table attack.
“An attacker who is able to capture enough traffic should be able to deduce the client-side or server-side secret in either exchange and would be able to break encrypted read-write commands and the encrypted password hashes. This puts the entire key-exchange mechanism at risk,” researchers say.
Schneider Electric also suggests that any organisation using the M221 device should: implement a firewall that blocks unauthorised access to TCP port 502; set up network segmentation; and disable unused protocols, such as the Programming protocol in the Modicon M221 application.