The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about two critical vulnerabilities in Optigo Networks’ ONS-S8 Spectra Aggregation Switch, a key component in critical infrastructure systems.
These vulnerabilities, which affect all versions of the switch up to and including version 1.3.7, are a significant risk of remote code execution and authentication bypass.
High-Risk Vulnerabilities
The vulnerabilities, identified as CVE-2024-41925 and CVE-2024-45367, were discovered by Claroty’s Team82 and have been classified as critical. Each has a CVSS v4 score of 9.3.
According to CISA, these flaws could enable malicious actors to remotely bypass authentication and execute arbitrary code with low attack complexity, making them particularly dangerous for global critical infrastructure and manufacturing sectors.
The first vulnerability stems from improper filename control in the PHP program used by the switches, which could allow a malefactor to traverse directories and execute remote code.
The second flaw is due to weak authentication enforcement, which could give attackers unauthorized access to the device’s management interface, manipulate system configurations, or access sensitive data.
No Available Fixes—Mitigation Steps Critical
Optigo Networks has not released a patch for these vulnerabilities yet, and entities using the ONS-S8 switches are advised to take immediate mitigation actions.
CISA recommends isolating the switch’s management traffic on a dedicated VLAN and securing connections to the management platform, OneView, using a dedicated network interface card (NIC).
Moreover, organizations are urged to whitelist authorized devices via firewall configurations and ensure that all communications are encrypted using a secure VPN.
CISA advises implementing a layered defense strategy, including regular risk assessments and best practices for industrial control systems (ICS) security. The agency also encourages firms to report any suspicious activity to CISA for tracking and analysis.
While no known exploitation of these vulnerabilities has been reported, the high-risk natue of the flaws and the potential impact on critical infrastructure systems enourage a sense of urgency in implementing these defensive measures.
For more information and detailed mitigation recommendations, visit CISA’s ICS security webpage.
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.