ICSA-25-035-08  ·  Published 2025-02-04

AutomationDirect C-more EA9 HMI

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition or achieve remote code execution on the affected device.

CVEs (1)

Remediations

  • AutomationDirect recommends that users update C-MORE EA9 HMI software and firmware to V6.80.
  • If an immediate update is not feasible, AutomationDirect recommends considering the following interim steps until the programming software can be updated:
      • Isolate the HMI Workstation: Disconnect the HMI from external networks (e.g., internet or corporate LAN) to limit exposure to external threats.
      • Use dedicated, secure internal networks or air-gapped systems for communication with programmable devices.
      • Control Access: Restrict physical and logical access to the HMI to authorized personnel only.
      • Implement Whitelisting: Use application whitelisting to allow only pre-approved and trusted software to execute on the HMI. Block untrusted or unauthorized applications.
      • Apply Endpoint Security Measures: Use antivirus or endpoint detection and response (EDR) tools to monitor for and mitigate threats. Ensure that host-based firewalls are properly configured to block unauthorized access.
      • Monitor and Log Activity: Enable logging and monitoring of system activities to detect potential anomalies or unauthorized actions. Regularly review logs for suspicious activity.
      • Use Secure Backup and Recovery: Regularly back up the workstation and its configurations to a secure location. Test recovery procedures to ensure minimal downtime in the event of an incident.
      • Conduct Regular Risk Assessments: Continuously assess the risks posed by the outdated software and adjust mitigation measures as necessary.
  • For more information, please see the AutomationDirect security advisory.

Affected Vendors

AutomationDirect

Affected Products (10)

AutomationDirect · C-more EA9 HMI EA9-T6CL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T7CL-R <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T7CL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T8CL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T10CL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T10WCL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T12CL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T15CL-R <=v6.79
AutomationDirect · C-more EA9 HMI EA9-T15CL <=v6.79
AutomationDirect · C-more EA9 HMI EA9-RHMI <=v6.79

Affected Sectors

Critical Manufacturing
