New security flaws raise the possibility of another SolarWinds-style catastrophe

Exploitation of eight new vulnerabilities in the Open Automation Software (OAS) platform might have sparked another supply chain security crisis.

It has been reported that the Talos security unit of Cisco has discovered two high-severity vulnerabilities, CVE-2022-266833 (severity 9.4) and CVE-2022-26082 (severity 9.1), which might allow malicious actors to modify the platform settings and execute arbitrary code.

A number of additional vulnerabilities uncovered in the platform might have been exploited to make network requests, obtain directory listings, steal passwords, or carry out denial-of-service attacks.

Vulnerabilities were addressed

By working with OAS, Cisco has issued fixes for these vulnerabilities.

OAS defects are “among the biggest cybersecurity dangers today,” according to Cerberus Sentinel VP of solutions architecture Chris Clements, who spoke to the journal.

Volvo, General Dynamics, and AES are just a few of the companies that use OAS to move data throughout their IT infrastructures. The Industrial Internet of Things (IIoT) projects of these groups cite OAS as a critical component.

According to Clements, an attacker could do catastrophic damage to critical infrastructure facilities by disrupting or altering the operation of these devices. However, such an assault could go undetected at first.

His comparison to Stuxnet, a decade-old computer virus that wreaked havoc on Iran’s nuclear programme, was a strong one. The worm was employed to destroy nuclear reactor components that were still working properly despite the fact that the reactors were malfunctioning.

As if that wasn’t bad enough, the systems in question are so critical to these firms that they sometimes put off fixing them for years.

“In some instances, air gaps can be a double-edged sword,” Clements said. “Malicious USB devices have been leveraged several times to spread malware on to air-gapped networks, and unless special considerations have been made to perform security patching on the isolated network, the malicious code often finds itself in an environment that’s ripe for exploitation.”