In this Team82 report, we analyzed a subset of engineering workstations (EWS) and human-machine interfaces (HMIs) from a sample of more than 125,000 OT assets, and found that more than one-third are insecurely connected to the internet and also contain at least one confirmed vulnerability that has been publicly exploited.
CWE-191 INTEGER UNDERFLOW (WRAP OR WRAPAROUND):
The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP Requesty, which could allow the attacker to crash the program.
Planet Technology recommends users upgrade to version 1.305b241111 or later.
CVSS v3: 5.3
CWE-78 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND ('OS COMMAND INJECTION'):
The affected product is vulnerable to a command injection. An unauthenticated attacker could send commands through a malicious HTTP request which could result in remote code execution.
Planet Technology recommends users upgrade to version 1.305b241111 or later.
CVSS v3: 9.8
CWE-121 STACK-BASED BUFFER OVERFLOW:
The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution.
Planet Technology recommends users upgrade to version 1.305b241111 or later.
CVSS v3: 9.8
CWE-359 Exposure of Private Personal Information to an Unauthorized Actor:
Ruijie Reyee OS versions prior to 2.260.0.1329 contains a a feature that could enable sub accounts
or attackers attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services.
CVSS v3: 6.5
CWE-1391 Use of Weak Credentials:
Ruijie Reyee OS versions prior to 2.260.0.1329 uses weak credential mechanism that could allow
an attacker to easily calculate MQTT credentials.
Ruijie reports that the issues have been fixed on the cloud and no action is needed by end users.
CVSS v3: 7.5
