ICSA-17-094-02B
·
Published 2017-10-12
·
View on CISA ICS-CERT ↗
Marel Food Processing Systems (Update B)
CVSS 9.8
CRITICAL
Risk Summary
ATTENTION: Remotely exploitable/low skill level to exploit.
CVEs (3)
Remediations
- Marel has released a firewall update for the Pluto platform having version names Pluto1203 and Pluto2. Pluto2, Version 1.0.0-gaf7c5e5-pluto2, and Pluto1203, Version 1.0-0marel0.
- These updates will restrict remote access by implementing SSH authentication.
- Marel has created an update for Pluto-based applications, which was scheduled for release in October, 2017. This update will restrict remote access by implementing SSH authentication.
- Marel reports that all M3000 terminal based products were at end-of-life in July 2012, and, thus, will not release product fixes to address the identified vulnerabilities. Marel recommends that users upgrade these end-of-life systems.
Affected Vendors
Marel
Affected Products (14)
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Marel
·
Food Processing Systems
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more