- “Distant code execution (RCE): Permits an attacker to execute arbitrary code on the impacted gadget, however the code could also be executed in numerous specialised processors and totally different contexts inside a processor, so an RCE doesn’t at all times imply full management of a tool. That is normally achieved through insecure firmware/logic replace features that enable the attacker to produce arbitrary code.”
- “Denial of service (DoS): Permits an attacker to both take a tool utterly offline or to forestall entry to some perform.”
- “File/firmware/configuration manipulation: Permits an attacker to alter essential elements of a tool equivalent to information saved inside it, the firmware operating on it or its particular configurations. That is normally achieved through vital features missing the right authentication/authorization or integrity checking that may stop attackers from tampering with the gadget.”
- “Compromise of credentials: Permits an attacker to acquire credentials to gadget features, normally both as a result of they’re saved or transmitted insecurely.”
- “Authentication bypass: Permits an attacker to bypass current authentication features and invoke desired performance on the goal gadget.”
Fully mitigating the ICEFALL vulnerabilities would require vendor-delivered patches, within the meantime community isolation (significantly isolation of OT and industrial management techniques from enterprise networks and the broader Web), limiting community connections to particularly chosen engineering workstations, and, after all “specializing in consequence discount.”
Comments
0 comments