-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 3rd Party Vulnerabilities in StationGuard < 2.0 - ----------------------------------------------------------------- Security Advisory ID: OSA-3 Release Date: 2021-12-15 Revision: 1.0 OMICRON Product Security Team | security@omicronenergy.com Summary - ----------------------------------------------------------------- All StationGuard versions < 2.0 are affected by vulnerabilities in the 3rd party component tar (CVE-2021-37701, CVE-2021-37712). An attacker could load a specially crafted backup file in StationGuard, which could cause files to be overwritten on the device. This could render the device inaccessible, which requires a pinhole factory reset to recover. The attack requires network access on port 20499/TCP, authenticated access (credentials) to the device and comprehensive knowledge about the API and the directory structure on the device. Alternatively, the attacker could compromise a backup file that is afterward loaded by an authorized user. OMICRON has released a new software version of StationGuard - version 2.0 - which corrects these vulnerabilities. Affected OMICRON Products - ----------------------------------------------------------------- > StationGuard <2.0 on all platforms Vulnerability Classification - ----------------------------------------------------------------- > Base Score: 5.0 > Risk Class: Medium > Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H > CVE-2021-37701 > CVE-2021-37712 Security Advisory - ----------------------------------------------------------------- Mitigation: OMICRON has released a new software version of StationGuard - version 2.0 - which corrects these vulnerabilities. Customers that are using the affected versions are recommended to install the latest update that is available in the customer portal (registration required). More information about StationGuard, including the link to the customer portal, can be found on https://www.omicronenergy.com/en/products/stationguard/ Workaround: Only accept StationGuard backup files from trusted sources. Always use the latest version of StationGuard. Furthermore, it is recommended to protect the TCP port 20499 against unauthorized access via firewall rules and/or VPN solutions. Acknowledgments - ----------------------------------------------------------------- None. -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEkPJvkWGGIuqv8Qag8BT0uMcuyBgFAmG6AYgACgkQ8BT0uMcu yBglqw/+IhfxDGmqf1tK8jgmoFU4I1+bjgfAidrtZiGDu3qZiniTLNqfSR+SHx+/ ebdjPVQm8Kne4NvcWBGtYLkVD3RIKWiej/TiCNHkE5OiaYA40wxmdMv5QUIOJNo+ u5TVfrHvLgcN9dLrgE/66dPVbD4cBEBdUJKn7bfGmk+ttbmIN6U7Fou1MYZOIB9c 0gEa39bL4QmhUgnhpT+Ls3TpZhHDBCqe7MQN1GleBFHz089eL3a2OU8TSL3hyQgb PDdsW/aDPsLth/UOpKH8OhBc2iDR1xSoD8NQ1t8V1wcu0OjwclyrzNLta922dfiC HxI1/CrBorysjs8M2nM1PrOxIXQkrE3Ud4bkrKHK4UgBm5G3cPQY/7ymaaXjXeLQ z+d8Wgf45n7amcuSokuIsFxTsVrB3UJulKVeyadSJz+tiQOvwhwg+/qjhgDoAWmS /ZioAY64UIDoCfab+b7Xsp9H2CwYrVTlVtPU4SUSD4blDX8nCFB9A74LHjM6lLAo mI3W7Tbv3TiXoGPf46vrHFjWYBUIgiSuSkpRgIeMq9Q4tb3+ivYrRWaWfydrulpU NQ/3jQS2AE/1yOmN6HFUzKe8VLIyP8MLMvffnjQqMwkmehDieoky4Hg/9JTsCFlk IP3ZW9T+yvZ9wFzkLijGfKh0i/HIGIN+DVV+B/LWzcFSWXn+pbA= =4LEt -----END PGP SIGNATURE-----