Critical Security Flaws Found in Key Industrial MMS Protocols

Security researchers have uncovered serious vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol, which could pose significant risks to industrial operations. If exploited, these flaws could lead to crashes or even remote code execution, disrupting essential industrial processes.

The MMS protocol plays a crucial role in enabling communication between intelligent electronic devices (IEDs) and systems like SCADA (Supervisory Control and Data Acquisition) or programmable logic controllers (PLCs). It allows for seamless exchange of control information across various industrial applications. However, the discovery of five key vulnerabilities highlights how outdated protocols are struggling to meet modern security demands.

These vulnerabilities were found in MZ Automation’s libIEC61850 library and Triangle MicroWorks’ TMW IEC 61850 library. After responsible disclosure, patches were issued in late 2022.

The specific vulnerabilities include stack-based buffer overflows, type confusion errors, and null pointer dereference flaws. Some have been assigned the highest possible CVSS score of 10.0, indicating critical severity.

Additionally, Siemens SIPROTEC 5 IEDs were found to rely on an outdated version of the MMS-EASE stack that was vulnerable to denial-of-service (DoS) attacks; an update was rolled out in December 2022.

The findings emphasize a growing gap between modern security needs and the continued use of outdated protocols. Vendors are encouraged to implement security measures suggested by relevant authorities to close this gap.

This news comes on the heels of another report detailing vulnerabilities in Espressif’s ESP-NOW wireless protocol. These flaws could allow attackers to carry out replay attacks or create DoS conditions in systems like building alarms and automatic gates, further demonstrating the widespread security risks industrial networks face today.

Another notable incident involved the discovery of 37 unpatched flaws in the OpenFlow libfluid_msg library, which could be exploited to launch DoS attacks on Software-Defined Networking (SDN) applications.

In a similar vein, Beckhoff Automation’s TwinCAT/BSD operating system was found to have vulnerabilities that could enable logic tampering and command execution with root privileges on PLCs.

To prevent such vulnerabilities from being exploited, industrial operators and device manufacturers must stay proactive by regularly updating software and firmware, conducting routine security assessments, and adopting modern, secure protocols.

Implementing a layered defense strategy, including strong network segmentation and intrusion detection systems, can further minimize the impact of potential attacks.