ICSA-20-154-05  ·  Published 2020-06-02

GE Grid Solutions Reason RT Clocks

CVSS 9.6 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow access to sensitive information and execution of arbitrary code, and could cause the device to become unresponsive.

CVEs (1)

Remediations

  • GE strongly recommends users of time synchronization products update their units to firmware Version 08A05 or greater to resolve these issues.
  • GE recommends users evaluate their current risk and implement appropriate network security mitigation measures as follows:
  • Use strong network and physical security protection to prevent an attacker from reaching the local network where Reason clocks are normally installed.
  • Block TCP/IP Ports 80 and 443 to block the HTTP/HTTPS access to the RT clock web interface, avoiding all vulnerabilities. The TCP/IP port blocking should be limited to the Ethernet port interface where the RT clock is connected, for instance by using an Access Control List (ACL); otherwise, other HTTP/HTTPS applications may be affected as well.
  • Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
  • Analyze security events to allow early detection of unexpected traffic/communication.
  • GE notes that these mitigation actions do not ensure complete security, but they can be considered until the affected time synchronization product is upgraded.
  • For more information on this vulnerability and firmware updates, please see Reason RT430/RT434 - GPS/GNSS Precision Clocks.
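
One way to combine the port-blocking and event-analysis mitigations above is to audit firewall or switch flow logs for TCP 80/443 traffic aimed at the clock. This is an added example, not code from GE or CISA; the addresses, the log format and the finding labels are constructed assumptions.

```python
import csv
import io
import ipaddress

# Constructed values for illustration; substitute the addresses used on site.
CLOCK_ADDRS = {ipaddress.ip_address("10.20.30.5")}  # RT clock Ethernet interface (assumed)
LOCAL_NET = ipaddress.ip_network("10.20.30.0/24")   # local network of the clock (assumed)
WEB_PORTS = {80, 443}                               # web interface ports named in the advisory

# Constructed flow log, one record per line: timestamp,src,dst,proto,dport,action
SAMPLE_LOG = """\
2020-06-03T08:00:01Z,10.20.30.17,10.20.30.5,udp,123,permit
2020-06-03T08:00:04Z,10.20.30.44,10.20.30.5,tcp,443,deny
2020-06-03T08:01:10Z,10.20.30.44,10.20.30.5,tcp,80,permit
2020-06-03T08:02:30Z,192.0.2.77,10.20.30.5,tcp,443,permit
2020-06-03T08:03:00Z,10.20.30.17,10.20.30.9,tcp,443,permit
"""

def audit(log_text):
    """Return (timestamp, src, dport, kind) for flows aimed at the clock web interface."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6:
            continue  # skip blank or malformed records
        ts, src, dst, proto, dport, action = row
        if ipaddress.ip_address(dst) not in CLOCK_ADDRS:
            continue  # other HTTP/HTTPS applications are out of scope
        if proto != "tcp" or int(dport) not in WEB_PORTS:
            continue  # e.g. the constructed UDP/123 row is not web-interface traffic
        external = ipaddress.ip_address(src) not in LOCAL_NET
        if action == "permit":
            # The ACL should have dropped this flow: the web interface is reachable.
            kind = "ACL_GAP_EXTERNAL" if external else "ACL_GAP"
        else:
            # The ACL worked, but a host still tried to reach the web interface.
            kind = "BLOCKED_ATTEMPT"
        findings.append((ts, src, int(dport), kind))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding)
```

A permitted flow marks a gap in the ACL on the clock's port, while a denied one shows the ACL working and identifies the host that generated the unexpected traffic.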

Affected Vendors

General Electric (GE)

Affected Products (1)

General Electric (GE) · RT430, RT431 and RT434 < 08A05

Affected Sectors

Chemical, Critical Manufacturing, Energy, Food and Agriculture, Water and Wastewater Systems
