This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_HIRSCHMANN_CVE-2020-9307.NASLHitachi ABB Power Grids AFS Series Loop with Unreachable Exit Condition (CVE-2020-9307)
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.1%
Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(502266);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/11");
script_cve_id("CVE-2020-9307");
script_name(english:"Hitachi ABB Power Grids AFS Series Loop with Unreachable Exit Condition (CVE-2020-9307)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a
denial of service. An unauthenticated, adjacent attacker can cause an
infinite loop on one of the HSR ring ports of the device. This
effectively breaks the redundancy of the HSR ring. If the attacker can
perform the same attack on a second device, the ring is broken into
two parts (thus disrupting communication between devices in the
different parts).
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
# https://www.belden.com/dfsmedia/f1e38517e0cd4caa8b1acb6619890f5e/12276-source/options/view
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?83797cf6");
script_set_attribute(attribute:"see_also", value:"https://www.belden.com/security");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-21-075-03");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
Hitachi ABB Power Grids has published an advisory for AFS Series and advises users to update products with available
updates. The update removes the vulnerability by modifying the way the switch processes HSR frames.
For additional information and support, contact a product provider or Hitachi ABB Power Grids service organization. For
contact information, see Hitachi ABB Power Grids contact-centers.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-9307");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(835);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/02/11");
script_set_attribute(attribute:"patch_publication_date", value:"2021/02/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/10");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:belden:hirschmann_hios:07");
script_set_attribute(attribute:"cpe", value:"cpe:/o:belden:hirschmann_hios:08");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Hirschmann");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Hirschmann');
var asset = tenable_ot::assets::get(vendor:'Hirschmann');
var vuln_cpes = {
"cpe:/o:belden:hirschmann_hios:07" :
{"versionEndExcluding" : "07.1.00", "versionStartIncluding" : "07.0.04", "family" : "Hirschmann"},
"cpe:/o:belden:hirschmann_hios:08" :
{"versionEndExcluding" : "08.3.00", "versionStartIncluding" : "08.0.00", "family" : "Hirschmann"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);
| Vendor | Product | Version | CPE |
|---|---|---|---|
| belden | hirschmann_hios | 08 | cpe:/o:belden:hirschmann_hios:08 |
| belden | hirschmann_hios | 07 | cpe:/o:belden:hirschmann_hios:07 |
Related
6.1 Medium
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.1%