ICSA-23-208-01  ·  Published 2023-07-27

ETIC Telecom RAS Authentication

CVSS 7.1 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to reconfigure the device or cause a denial-of-service condition.

CVEs (1)

Remediations

  • ETIC Telecom recommends updating the affected devices' firmware to the following versions:
      • ETIC Telecom RAS: version 4.9.0 or later
  • ETIC Telecom recommends enabling the authentication mechanism on the administration interface. This can be done on the page "> Setup > Security > Administration right" by creating an administrator on the "List of administrators" table, enabling the parameter "Password protect the configuration interface," then setting the parameter "Protocols to use for configuration" to "HTTPs only".
  • NOTE: for firmware versions 4.9.0 or later, enabling the administration protection is mandatory after the first product start.

Affected Vendors

ETIC Telecom

Affected Products (1)

ETIC Telecom · ETIC Telecom RAS <= 4.7.0

Affected Sectors

Multiple
