XZERES 442SR Wind Turbine CSRF Vulnerability
Low Risk | ICS-CERT ICSA-15-155-01 | Mar 7, 2015
Summary
The XZERES 442SR Wind Turbine contains a cross-site request forgery (CSRF) vulnerability in its web-based control interface. An attacker can exploit this by crafting a malicious webpage that, when visited by an authenticated operator, automatically submits unauthorized commands to the turbine. All versions of the 442SR are affected. No vendor patch is available.
What this means
What could happen
An attacker who tricks an authorized turbine operator into visiting a malicious website could perform unauthorized actions on the wind turbine control interface, such as disabling safety features, adjusting operational parameters, or shutting down the turbine without legitimate authorization.
Who's at risk
Wind energy operators managing XZERES 442SR turbines. This affects facility operators and maintenance engineers who access turbine control and monitoring interfaces from computers that may also access the internet or untrusted networks.
How it could be exploited
An attacker creates a malicious webpage and tricks an operator with an active web session to the turbine's control interface into visiting it. The malicious page automatically submits requests to the turbine's web interface, exploiting the lack of CSRF protection to perform actions (stop turbine, disable brakes, change settings) on behalf of the operator.
Prerequisites
- Operator has an active authenticated web session to the 442SR turbine control interface
- Operator is tricked into visiting attacker-controlled website while logged in
Key points
- No patch available
- Affects industrial equipment operational control
- Requires a social engineering component (tricking the operator into visiting a malicious site)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
442SR Wind Turbine (vers:all/*) | All versions | No fix (EOL)
Remediation & Mitigation
Do now
- WORKAROUND: Restrict web access to turbine control interfaces to authorized engineering workstations only, using firewall rules
- WORKAROUND: Require operators to log out of the turbine web interface when not actively performing maintenance or monitoring
Mitigations - no patch available
442SR Wind Turbine (vers:all/*) has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Implement network segmentation to isolate turbine control interfaces from general corporate networks and internet access
- HARDENING: Use a separate web browser or browser profile exclusively for turbine management that is not used for general internet browsing
- HARDENING: Implement a reverse proxy or VPN authentication layer in front of turbine control interfaces to add additional authorization checks
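A reverse proxy placed in front of the turbine interface can also supply the CSRF protection the device itself lacks, without touching the device's pages. The block below is an added example written for this page, not code from the advisory, ICS-CERT or the vendor; the proxy hostname, the control and settings paths, and the sample request headers are constructed assumptions. It shows the per-request decision such a proxy would make: read-only requests pass, and any state-changing request is accepted only when the browser's Origin (or, failing that, Referer) and Fetch Metadata headers show it came from the proxy's own origin. It also rewrites the device's Set-Cookie header so the browser withholds the session cookie from cross-site requests in the first place.

```python
"""Added example: transparent CSRF gate for a reverse proxy in front of a
legacy turbine web interface. All hostnames, paths and headers are
constructed assumptions, not values from the advisory or the product."""
from dataclasses import dataclass
from urllib.parse import urlsplit


@dataclass
class CsrfGate:
    # Origin the operator's browser uses to reach the proxy (assumed value).
    allowed_origin: str = "https://turbine-proxy.plant.example"
    # Methods that should never change state. Legacy ICS interfaces sometimes
    # act on GET, so paths under state_changing_paths (assumed prefixes) are
    # treated as state-changing regardless of method.
    safe_methods: frozenset = frozenset({"GET", "HEAD", "OPTIONS"})
    state_changing_paths: tuple = ("/control/", "/settings/")

    def _is_state_changing(self, method, path):
        if method.upper() not in self.safe_methods:
            return True
        return any(path.startswith(p) for p in self.state_changing_paths)

    def decide(self, method, path, headers):
        """Return (allowed, reason) for one inbound request.

        Fails closed: a state-changing request with no usable origin
        information is denied rather than forwarded to the device."""
        h = {k.lower(): v for k, v in headers.items()}
        if not self._is_state_changing(method, path):
            return True, "read-only request"
        # Fetch Metadata: browsers that send it label cross-site requests.
        site = h.get("sec-fetch-site")
        if site is not None and site not in ("same-origin", "none"):
            return False, f"rejected by Sec-Fetch-Site={site}"
        origin = h.get("origin")
        if origin is None and "referer" in h:
            parts = urlsplit(h["referer"])
            origin = f"{parts.scheme}://{parts.netloc}"
        if origin is None:
            return False, "state-changing request without Origin or Referer"
        if origin.lower() != self.allowed_origin.lower():
            return False, f"origin {origin} is not {self.allowed_origin}"
        return True, "same-origin state change"

    def harden_set_cookie(self, set_cookie_value):
        """Rewrite a device Set-Cookie header on the way back to the browser:
        force SameSite=Strict (replacing any value the device set) and add
        Secure, keeping every other attribute. Assumes the proxy serves TLS."""
        parts = [p.strip() for p in set_cookie_value.split(";") if p.strip()]
        cookie = parts[0]
        attrs = [a for a in parts[1:]
                 if a.split("=", 1)[0].strip().lower() != "samesite"]
        attrs.append("SameSite=Strict")
        if not any(a.lower() == "secure" for a in attrs):
            attrs.append("Secure")
        return "; ".join([cookie] + attrs)


# Constructed sample requests: the operator's own click, the same request
# auto-submitted by a third-party page the operator visited, and a forged
# GET against a path the device treats as a settings change.
SAMPLE_REQUESTS = {
    "operator_post": ("POST", "/control/stop", {
        "Origin": "https://turbine-proxy.plant.example",
        "Sec-Fetch-Site": "same-origin",
        "Cookie": "session=abc123"}),
    "forged_post": ("POST", "/control/stop", {
        "Origin": "https://third-party.example",
        "Sec-Fetch-Site": "cross-site",
        "Cookie": "session=abc123"}),
    "forged_legacy_get": ("GET", "/settings/update?mode=manual", {
        "Referer": "https://third-party.example/page.html",
        "Cookie": "session=abc123"}),
}


def run_demo(gate=None):
    """Apply the gate to the constructed requests; returns name -> allowed."""
    gate = gate or CsrfGate()
    return {name: gate.decide(method, path, headers)[0]
            for name, (method, path, headers) in SAMPLE_REQUESTS.items()}


if __name__ == "__main__":
    gate = CsrfGate()
    for name, (method, path, headers) in SAMPLE_REQUESTS.items():
        allowed, reason = gate.decide(method, path, headers)
        print(f"{name:18} {'ALLOW' if allowed else 'DENY ':5} {reason}")
    print(gate.harden_set_cookie("session=abc123; Path=/"))
```

Two caveats for deployment. The origin checks rely on the operator's browser sending Origin or Referer on state-changing requests; a browser configured to strip Referer will still be allowed through as long as Origin is present, and otherwise the gate denies, which is the safe failure. The Secure attribute only makes sense when the proxy terminates TLS in front of the device, which is the assumption here; the `SameSite=Strict` rewrite is defense in depth rather than a replacement for the origin check, since it only works once the browser has received the rewritten cookie.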
CVEs (1)