The global site of the UK's leading magazine for automation, motion engineering and power transmission
28 March, 2024


Vulnerability is found in wireless automation software

29 October, 2013

The US information security specialist IOActive says it has discovered a vulnerability in ProSoft Technology’s RadioLinx ControlScape application. The software is used to configure and install radios in frequency-hopping networks and to monitor the performance of the devices, mainly in Rockwell Automation and Schneider Electric systems used in industries such as water and wastewater, oil and gas, and electric utilities.

When it creates a new radio network, the software generates a random passphrase and sets encryption levels to 128-bit Advanced Encryption Standard (AES). Because it uses the local time as the seed to generate passphrases, IOActive suggests that an attacker could predict the default values in the software.

“Wireless radios used in industrial control systems use software like that from ProSoft Technology to create and manage a new network,” explains IOActive researcher, Lucas Apa. “When a new network is created the software calculates a passphrase using a pseudo-random number generator. The problem is that it uses the local time as the seed. This makes this algorithm predictable and weak, and vulnerable to expedited brute-force passphrase and other cryptographic-based attacks.”

“By being able to guess the passphrase, an attacker could communicate with the network the device is connected to, with devastating consequences,” adds another IOActive researcher, Carlos Penagos. “For example, if an attacker is able to communicate with devices on the wireless network of a nuclear power plant, he could manipulate the data sent from these devices to industrial processes and cause dangerous consequences by overheating liquids or over-pressurising chemicals, which, in turn, would result in catastrophic failure.”

The US Government’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has published an advisory giving details of the vulnerability. ProSoft Technology has produced a firmware patch to mitigate the vulnerability, and IOActive has issued its own advisory outlining the affected products, the impact of the vulnerability, and the solution.
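The weakness described above, seeding a passphrase generator with the local time, can be shown with a short added example. It is not ProSoft's code or algorithm: the generator, alphabet, passphrase length and timestamp are assumptions made for illustration, set beside a generator that draws from the operating system's CSPRNG.

```python
import math
import random
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # assumed character set
LENGTH = 16                                      # assumed passphrase length
CREATED = 1383004800  # constructed sample: a Unix time standing in for "network created"

def weak_passphrase(seed_time: int) -> str:
    """Illustrative time-seeded generator: the output is a pure function of the seed."""
    rng = random.Random(seed_time)
    return "".join(rng.choice(ALPHABET) for _ in range(LENGTH))

def strong_passphrase() -> str:
    """Hardened form: every character comes from the OS CSPRNG, no seed to guess."""
    return "".join(secrets.choice(ALPHABET) for _ in range(LENGTH))

def nominal_bits() -> float:
    """Entropy the passphrase appears to have from its length and alphabet."""
    return LENGTH * math.log2(len(ALPHABET))

def effective_bits(window_seconds: int) -> float:
    """Real entropy when the only unknown is the creation second inside a window."""
    return math.log2(window_seconds)

def is_time_derived(passphrase: str, window_start: int, window_seconds: int) -> bool:
    """Audit check: does any second in the window regenerate this passphrase?"""
    return any(
        weak_passphrase(t) == passphrase
        for t in range(window_start, window_start + window_seconds)
    )

if __name__ == "__main__":
    day = 24 * 60 * 60
    deployed = weak_passphrase(CREATED + 1234)  # created some time during the day
    print(f"nominal entropy:   {nominal_bits():.1f} bits")
    print(f"effective entropy: {effective_bits(day):.1f} bits for a one-day window")
    print("time-seeded value reproducible:", is_time_derived(deployed, CREATED, day))
    print("CSPRNG value reproducible:     ",
          is_time_derived(strong_passphrase(), CREATED, 3600))
```

A passphrase that looks like roughly 95 bits carries under 17 bits once its creation day is known, which is why replacing the seed source rather than lengthening the passphrase is the fix.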



