ICSA-15-006-01
Published 2025-06-06
Eaton Cooper Power Series Form 6 Control and Idea/IdeaPlus Relays with Ethernet Vulnerability
CVSS 7.6
HIGH
CVEs (1)
Remediations
- No authentication mechanism was used for new socket connections to SCADA protocol listening ports on the Form 6 control and Idea/IdeaPLUS relays. The effects of exploiting this vulnerability are the same as the effects of an attacker connecting directly to the control or network and listening for or initiating a new session, without exploiting any vulnerabilities. This underscores the importance of deploying network segmentation and isolation on the control system network. By ensuring that controls are not accessible from external networks and that appropriate physical security measures are provided at network access points, risks associated with this vulnerability are greatly minimized.
- Eaton’s Cooper Power Systems recommends that asset owners using these products take the proper steps to ensure system-wide defense-in-depth strategies, as outlined in Eaton’s whitepaper WP152002EN. This whitepaper can be downloaded at: http://www.eaton.com/ecm/idcplg?IdcService=GET_FILE&allowInterrupt=1&RevisionSelectionMethod=LatestReleased&Rendition=Primary&dDocName=WP152002EN
- Eaton’s Cooper Power Systems division has developed ProView 5.0 Revision 11 software that mitigates this vulnerability, and the Form 6 control version was released on June 12, 2015. Idea/IdeaPLUS relay ProView software versions began to be posted on June 30, 2015. ProView 5.0 Revision 11 will be compatible with any hardware and firmware Versions 5.0 and higher. Versions below 5.0 may be updated with the appropriate and corresponding hardware upgrades. Information on how to obtain and install these available remedies is available at: http://www.cooperindustries.com/content/public/en/power_systems/resources/securitysupport.html
- For additional technical information, please contact Eaton’s Cooper Power Systems at: http://www.eaton.com/cybersecurity
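One way to verify the segmentation recommended above, as an added example that is not part of the advisory or Eaton's guidance: a Python check over flow records that flags new TCP connections to the devices' SCADA listening ports from sources outside an allowlisted control subnet. The port numbers, addresses and record format are assumptions; the advisory names none of them.

```python
import ipaddress

# Assumptions (not from the advisory): ports, addresses and log format are placeholders.
SCADA_PORTS = {20000, 502}                 # assumed: registered DNP3 and Modbus/TCP ports
RELAYS = {"10.20.0.11", "10.20.0.12"}      # constructed control/relay addresses
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/28")]  # constructed SCADA master subnet

# Constructed flow records: "timestamp src dst dport tcp_flags" (S = SYN only)
SAMPLE_FLOWS = """\
2015-07-01T08:00:01Z 10.20.0.2 10.20.0.11 20000 S
2015-07-01T08:00:05Z 10.20.0.2 10.20.0.11 20000 A
2015-07-01T08:03:10Z 10.30.5.77 10.20.0.12 502 S
2015-07-01T08:04:44Z 192.0.2.50 10.20.0.11 20000 S
2015-07-01T08:05:00Z 192.0.2.50 10.20.0.11 443 S
malformed line
"""

def audit_flows(text):
    """Return (findings, skipped): new sessions to SCADA ports from
    non-allowlisted sources, and the count of unparseable records."""
    findings, skipped = [], 0
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            skipped += 1          # surface bad records instead of hiding them
            continue
        ts, src, dst, dport, flags = parts
        try:
            src_ip = ipaddress.ip_address(src)
            port = int(dport)
        except ValueError:
            skipped += 1
            continue
        # Only session initiations to a protected device's SCADA port matter:
        # the devices accept any new socket connection without authentication.
        if dst not in RELAYS or port not in SCADA_PORTS or flags != "S":
            continue
        if any(src_ip in net for net in ALLOWED_SOURCES):
            continue
        findings.append((ts, src, dst, port))
    return findings, skipped

if __name__ == "__main__":
    hits, bad = audit_flows(SAMPLE_FLOWS)
    for ts, src, dst, port in hits:
        print(f"{ts} unexpected new session {src} -> {dst}:{port}")
    print(f"{bad} record(s) could not be parsed")
```

Any finding means a path exists from outside the control subnet to a listening port that accepts sessions without authentication, so the firewall or routing rule that allowed it is what needs correcting.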
Affected Vendors
Eaton Cooper Power Systems
Affected Products (1)
Eaton Cooper Power Systems
Eaton’s Cooper Power Series Form 6 control and Idea/IdeaPLUS relays with Ethernet with ProView 4.0 through ProView 5.0 software
vers:all/*