ICSA-20-126-02 · Published 2020-05-05
SAE IT-systems FW-50 Remote Telemetry Unit (RTU)
CVSS 9.1 (CRITICAL)
Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to execute remote code through input injection, or allow an attacker to view the file structure of the affected device and access files that should be inaccessible.
CVEs (2)
Remediations
- SAE IT-systems recommends replacing the CPU card with a new one. Find a contact person for information regarding the replacement CPU card. After obtaining a replacement CPU card, program the card with the new version of setIT software. The upgrade can be downloaded from the SAE IT-systems website.
- For information regarding the replacement CPU card, contact SAE IT-systems.
- SAE IT-systems recommends that users also disable the web server port, since all referenced vulnerabilities are related to the web server.
- SAE IT-systems also recommends disabling the project web server port for security reasons if it is not used.
- For information regarding disabling the project web server port, contact the SAE IT-systems Hotline at: Phone: +49 221 / 59 808-55; Email: [email protected]
Affected Vendors
SAE IT-systems
Affected Products (1)
SAE IT-systems · FW-50 RTU 5 Series CPU-5B, Hardware Revision 2; CPLD Revision 6
Affected Sectors
Critical Manufacturing, Energy, Transportation Systems, Water and Wastewater Systems