"Vulnerabilities in OpENer Stack Expose Industrial Devices to Attacks"

Researchers with the industrial cybersecurity firm Claroty recently disclosed five vulnerabilities in the OpENer Ethernet/IP (ENIP) stack designed for I/O adapter devices. The OpENer stack supports multiple I/O and explicit connections. It implements the ENIP and CIP industrial protocols and is widely used among top SCADA vendors. The exploitation of vulnerabilities found in the OpENer stack could allow attackers to cause denial-of-service (DoS) conditions, achieve remote code execution, and more. The Cybersecurity and Infrastructure Security Agency (CISA) warned of the vulnerability of all OpENer Ethernet/IP stack commits and versions before February 10, 2021, and urges the application of the latest commits. CISA also recommends taking measures to minimize the risk of these vulnerabilities' exploitation, which include ensuring that control systems are not exposed to the Internet, isolating control system networks and remote devices from the business network, and using secure methods for remote access. This article continues to discuss the discovery of multiple vulnerabilities in the OpENer stack, the potential exploitation of these vulnerabilities by attackers, and CISA's recommendations for addressing those flaws. 

Security Week reports "Vulnerabilities in OpENer Stack Expose Industrial Devices to Attacks"