The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about two critical vulnerabilities in Optigo Networks’ ONS-S8 Spectra Aggregation Switch, a key component in critical infrastructure systems.
These vulnerabilities, which affect all versions of the switch up to and including version 1.3.7, pose a significant risk of remote code execution and authentication bypass.
High-Risk Vulnerabilities
The vulnerabilities, identified as CVE-2024-41925 and CVE-2024-45367, were discovered by Claroty’s Team82 and have been classified as critical. Each has a CVSS v4 score of 9.3.
According to CISA, these flaws could enable malicious actors to remotely bypass authentication and execute arbitrary code with low attack complexity, making them particularly dangerous for global critical infrastructure and manufacturing sectors.
The first vulnerability stems from improper filename control in the PHP program used by the switches, which could allow a malefactor to traverse directories and execute remote code.
The second flaw is due to weak authentication enforcement, which could let attackers gain unauthorized access to the device’s management interface, manipulate system configurations, or access sensitive data.
No Available Fixes—Mitigation Steps Critical
Optigo Networks has not released a patch for these vulnerabilities yet, and entities using the ONS-S8 switches are advised to take immediate mitigation actions.
CISA recommends isolating the switch’s management traffic on a dedicated VLAN and securing connections to the management platform, OneView, using a dedicated network interface card (NIC).
Moreover, organizations are urged to whitelist authorized devices via firewall configurations and ensure that all communications are encrypted using a secure VPN.
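One way to check that these mitigations hold, as an added example that is not from CISA, Optigo Networks or the original article: a Python audit of exported flow records that flags traffic reaching the switch's management address from outside the dedicated VLAN or from a source not on the firewall allowlist. The addresses, VLAN ID and CSV layout are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

# All values are constructed for illustration (RFC 5737 documentation ranges).
SWITCH_MGMT_IP = ipaddress.ip_address("192.0.2.10")  # ONS-S8 management address (assumed)
MGMT_VLAN = 50                                        # dedicated management VLAN (assumed)
AUTHORIZED_SOURCES = [                                # firewall allowlist (assumed)
    ipaddress.ip_network("192.0.2.20/32"),            # OneView host on its dedicated NIC
    ipaddress.ip_network("198.51.100.0/28"),          # VPN client pool
]

# Constructed sample export: one flow record per line.
SAMPLE_FLOWS = """\
src,dst,vlan,dport
192.0.2.20,192.0.2.10,50,443
198.51.100.5,192.0.2.10,50,443
203.0.113.77,192.0.2.10,50,443
192.0.2.20,192.0.2.10,1,443
203.0.113.9,192.0.2.10,1,80
192.0.2.20,192.0.2.99,1,443
"""

def audit_flows(flow_csv):
    """Return (row, reasons) for each flow to the switch that violates the policy."""
    findings = []
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src = ipaddress.ip_address(row["src"])
            dst = ipaddress.ip_address(row["dst"])
            vlan = int(row["vlan"])
        except (KeyError, ValueError, TypeError):
            # Malformed records are reported rather than silently dropped.
            findings.append((row, ["unparseable record"]))
            continue
        if dst != SWITCH_MGMT_IP:
            continue  # not management traffic for this switch
        reasons = []
        if vlan != MGMT_VLAN:
            reasons.append("outside management VLAN")
        if not any(src in net for net in AUTHORIZED_SOURCES):
            reasons.append("source not on allowlist")
        if reasons:
            findings.append((row, reasons))
    return findings

if __name__ == "__main__":
    for row, reasons in audit_flows(SAMPLE_FLOWS):
        print(f'{row["src"]} -> {row["dst"]} vlan {row["vlan"]}: {", ".join(reasons)}')
```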
CISA advises implementing a layered defense strategy, including regular risk assessments and best practices for industrial control systems (ICS) security. The agency also encourages firms to report any suspicious activity to CISA for tracking and analysis.
While no known exploitation of these vulnerabilities has been reported, the high-risk nature of the flaws and the potential impact on critical infrastructure systems encourage a sense of urgency in implementing these defensive measures.
For more information and detailed mitigation recommendations, visit CISA’s ICS security webpage.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.