Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to brute force passwords, access certain device files, or cause a denial-of-service condition.
Remediations
- OPTO 22 recommends users follow the direction Dragos and CISA provided for this vulnerability.
- Dragos recommends users take the following actions:
  - Disable the built-in web server when not in use through the Network Security settings within the OPTO 22 Pac Manager software.
  - Restrict access to the built-in web server found on HTTPS (TCP/443).
  - Restrict access to the FTP Port (TCP/21).
  - Ensure user credentials are changed to something long, complex, and unique.
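
One way to verify the two port restrictions above is to replay an exported firewall rule set against one host per network zone. This is an added example, not part of the advisory or any vendor tooling; the controller address, zones, approved subnet and first-match rule format are all constructed assumptions.

```python
import ipaddress

# Ports the remediation list says to restrict on the controller.
RESTRICTED_PORTS = {443: "HTTPS web server", 21: "FTP"}

# Constructed sample data (assumptions, not from the advisory).
CONTROLLER = "192.0.2.10"
APPROVED_SOURCES = ["198.51.100.0/28"]  # engineering workstations
PROBES = {  # one representative host per zone
    "engineering": "198.51.100.5",
    "office-lan": "203.0.113.40",
    "historian": "203.0.113.200",
}
RULES = [  # evaluated top-down, first match wins, implicit deny at the end
    {"action": "allow", "src": "198.51.100.0/28", "dst": "192.0.2.10/32", "ports": [21, 443]},
    {"action": "deny", "src": "203.0.113.192/26", "dst": "192.0.2.0/24", "ports": [21, 443]},
    {"action": "allow", "src": "203.0.113.0/24", "dst": "192.0.2.0/24", "ports": [443]},
]

def decide(rules, src, dst, port):
    """Return the action of the first rule matching the flow, else 'deny'."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if (src_ip in ipaddress.ip_network(rule["src"])
                and dst_ip in ipaddress.ip_network(rule["dst"])
                and port in rule["ports"]):
            return rule["action"]
    return "deny"

def audit(rules, controller, approved, probes):
    """List (zone, port) pairs where an unapproved source reaches a restricted port."""
    approved_nets = [ipaddress.ip_network(n) for n in approved]
    findings = []
    for zone, src in sorted(probes.items()):
        is_approved = any(ipaddress.ip_address(src) in n for n in approved_nets)
        for port in sorted(RESTRICTED_PORTS):
            if decide(rules, src, controller, port) == "allow" and not is_approved:
                findings.append((zone, port))
    return findings

if __name__ == "__main__":
    for zone, port in audit(RULES, CONTROLLER, APPROVED_SOURCES, PROBES):
        print(f"{zone} can reach {CONTROLLER}:{port} ({RESTRICTED_PORTS[port]})")
```

In the sample rule set the broad third rule leaves TCP/443 reachable from the office LAN, which is the kind of leftover allow rule this check is meant to surface.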
Affected Vendors
OPTO 22
Affected Products (1)
OPTO 22 · SNAP PAC S1 Firmware R10.3b
Affected Sectors
Critical Manufacturing