OmniMetrix OmniView Vulnerabilities
Monitor | 7.5 | ICS-CERT ICSA-16-350-02 | Sep 18, 2016
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
OmniMetrix OmniView version 1.2 contains multiple vulnerabilities related to cleartext transmission of sensitive information (CWE-319) and inadequate password protection mechanisms (CWE-521). These issues allow an attacker with network access to intercept authentication credentials and sensitive data transmitted over the network without encryption.
What this means
What could happen
An attacker on the network could intercept login credentials and sensitive operational data transmitted by OmniView, gaining unauthorized access to the monitoring and control system and potentially allowing manipulation of monitored industrial processes.
Who's at risk
Water utilities, electric utilities, and other critical infrastructure operators using OmniMetrix OmniView for SCADA monitoring and data acquisition. Any facility relying on OmniView for real-time process visibility and control is affected.
How it could be exploited
An attacker positioned on the network between an OmniView client and server (or with access to network traffic) can passively intercept unencrypted communications to capture authentication credentials and operational data. Once credentials are obtained, the attacker can log in to OmniView to access or modify monitored systems.
Prerequisites
- Network access to OmniView communication ports (typically 502 or proprietary protocol port)
- Ability to intercept or monitor network traffic between OmniView clients and servers
- Remotely exploitable
- No authentication required for traffic interception
- Low complexity attack
- No patch available (product end-of-life)
- Affects monitoring and control systems
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
Product | Affected Versions | Fix Status
OmniView: 1.2 | 1.2 | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Implement network segmentation to isolate OmniView systems on a dedicated VLAN with restricted access from untrusted networks
- HARDENING: Deploy packet filtering and access controls on firewalls to limit OmniView communication to authorized workstations and servers only
- HARDENING: Monitor network traffic to OmniView systems for suspicious activity or unauthorized access attempts
Long-term hardening
- HOTFIX: Plan replacement or upgrade of OmniView to a supported product version that implements encrypted communications (TLS/SSL)
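
An added example (not part of the advisory or of any OmniMetrix tooling) of the access-control and monitoring mitigations above: it audits flow records and reports any source outside the authorized workstation range that reaches an OmniView server on port 502. The addresses, the CSV flow format and the allow-list are constructed assumptions; substitute the site's own values and any proprietary port in use.

```python
import csv
import ipaddress
from collections import Counter

# Assumptions (not from the advisory): addresses, CSV flow format, allow-list.
OMNIVIEW_SERVERS = {ipaddress.ip_address("10.20.0.10")}
AUTHORIZED_CLIENTS = [ipaddress.ip_network("10.20.0.0/28")]  # workstations on the dedicated VLAN
OMNIVIEW_PORTS = {502}  # port named in the advisory; add the proprietary port if used

# Constructed sample flow records: timestamp,src,dst,dst_port,proto
SAMPLE_FLOWS = """\
2016-12-15T08:00:01Z,10.20.0.5,10.20.0.10,502,tcp
2016-12-15T08:00:07Z,10.20.0.6,10.20.0.10,502,tcp
2016-12-15T08:02:13Z,10.50.3.77,10.20.0.10,502,tcp
2016-12-15T08:02:14Z,10.50.3.77,10.20.0.10,502,tcp
2016-12-15T08:03:40Z,192.0.2.44,10.20.0.10,502,tcp
2016-12-15T08:04:02Z,10.50.3.77,10.20.0.10,443,tcp
not,a,valid,record
"""

def is_authorized(src):
    """True if the source address falls inside an allow-listed network."""
    return any(src in net for net in AUTHORIZED_CLIENTS)

def audit_flows(text):
    """Return (violations, skipped).

    violations counts (src, dst, port) for unauthorized sources that reached an
    OmniView server on a monitored port; skipped counts unparseable records.
    """
    violations, skipped = Counter(), 0
    for row in csv.reader(text.splitlines()):
        try:
            _ts, src, dst, port, _proto = row
            src, dst, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
        except ValueError:
            skipped += 1  # malformed record: count it rather than drop it silently
            continue
        if dst in OMNIVIEW_SERVERS and port in OMNIVIEW_PORTS and not is_authorized(src):
            violations[(str(src), str(dst), port)] += 1
    return violations, skipped

if __name__ == "__main__":
    found, bad = audit_flows(SAMPLE_FLOWS)
    for (src, dst, port), n in sorted(found.items()):
        print(f"ALERT unauthorized source {src} -> {dst}:{port} ({n} flows)")
    print(f"{bad} malformed record(s) skipped")
```

Any alert here means the firewall allow-list or VLAN boundary is not enforcing what the mitigation list requires, since an unauthorized host has a path to the cleartext service.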
CVEs (2)