Heimdal
article featured image

Contents:

A new vulnerability was found by cybersecurity researchers, in systems used across oil and gas organizations. If it were to fall in the wrong hands, this vulnerability could be exploited to inject and execute arbitrary code.

The high-severity issue, tracked as CVE-2022-0902, has received a CVSS score of 8.1 and is a path traversal flaw, first noticed in ABB computers and remote controllers. Flow computers specialize on calculating volume and flow rates for oil and gas that are critical to electric power manufacturing and distribution.

Source

Put simply, the vulnerability identified by Claroty exists in ABB’s implementation of its proprietary Totalflow TCP based protocol, which is utilized to remotely configure the computers.

A malicious actor could potentially exploit this issue and bypass authentication, only to proceed to uploading arbitrary files. Attackers could seize control of the devices and prevent their ability to properly record oil and gas flow rates.

Attackers can exploit this flaw to gain root access on an ABB flow computer, read and write files, and remotely execute code.

Source

The Swedish-Swiss industrial automation company has addressed the issue and released firmware updates.

Consequences of an Attack

Vera Mens, one of Claroty`s researchers, claims that, in the event of a successful exploit of this vulnerability, the company would be greatly affected, from blocking its ability to bill customers to forcing a disruption of services, comparable to the consequences suffered by Colonial Pipeline following its ransomware attack back in 2021. In that instance, the company was forced to shut down after being hit by ransomware in a clear demonstration of the vulnerability of the energy infrastructure when confronted with cyberattacks.

If you liked this article, follow us on LinkedInTwitterFacebookYouTube, and Instagram for more cybersecurity news and topics.

Author Profile

Mihaela Popa

COMMUNICATIONS & PR OFFICER

Mihaela is a digital content creator for Heimdal® and the proud owner of an old soul and a curious mind. Passionate to learn and discover more about cybersecurity, she will gladly share her latest finds with you.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE