ICSA-25-140-09 · Published 2025-05-20
AutomationDirect MB-Gateway
CVSS 10.0
CRITICAL
Risk Summary
Successful exploitation of this vulnerability could allow an attacker to make configuration changes, disrupt operations, or achieve arbitrary code execution.
CVEs (1)
Remediations
- The hardware limitations of MB-Gateway do not allow a proper access control update to be implemented. AutomationDirect recommends that users plan to replace MB-Gateway with EKI-1221-CE.
- If an immediate replacement is not feasible, AutomationDirect recommends considering the following interim steps until the programming software can be updated:
  - Restrict network exposure: Ensure devices affected are not accessible from the Internet or untrusted networks. Place them behind firewalls.
  - Use dedicated, secure internal networks or air-gapped systems for communication with programmable devices.
  - Control Access: Restrict physical and logical access to authorized personnel only.
  - Implement Whitelisting: Use application whitelisting to allow only pre-approved and trusted access. Block untrusted or unauthorized applications.
  - Monitor and Log Activity: Enable logging and monitoring of system activities to detect potential anomalies or unauthorized actions. Regularly review logs for suspicious activity.
  - Use Secure Backup and Recovery: Regularly back up the workstation and its configurations to a secure location. Test recovery procedures to ensure minimal downtime in the event of an incident.
  - Plan for device replacement: Organizations should begin evaluating and migrating to supported hardware with active vendor support.
Affected Vendors
AutomationDirect
Affected Products (1)
AutomationDirect · MB-Gateway · vers:all/*
Affected Sectors
Critical Manufacturing