OTPulse

Gemalto Sentinel License Manager

Act Now · 9.9 · ICS-CERT ICSA-18-032-03 · Feb 1, 2018
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Gemalto Sentinel License Manager versions prior to Sentinel LDK RTE 7.55 contain multiple memory safety vulnerabilities (null pointer dereference and buffer overflows: CWE-476, CWE-121, CWE-122) and access control flaws (CWE-284). A remote attacker can send a specially crafted request to the licensing service to trigger code execution or denial of service without any credentials. The vulnerabilities are remotely exploitable over the network and require a low skill level to exploit.

What this means
What could happen
An attacker who reaches a device running vulnerable Sentinel License Manager could execute arbitrary code remotely with no credentials, potentially disrupting software licensing or gaining access to control system networks that depend on this licensing infrastructure.
Who's at risk
Water utilities, power systems, and any industrial facility that uses Gemalto Sentinel License Manager to license critical control system software or SCADA applications. This affects engineering workstations, HMIs, and licensing servers that manage software protection keys for operational systems.
How it could be exploited
An attacker sends a crafted network request to the Sentinel License Manager service (default network-facing port). Due to memory safety flaws (null pointer dereference and buffer overflow), the malformed input causes the service to crash or execute attacker-supplied code. This could happen from any network segment that can reach the licensing server.
Prerequisites
  • Network reachability to the Sentinel License Manager service port
  • No credentials or authentication required
  • Device must be running a vulnerable version (prior to Sentinel LDK RTE 7.55)
remotely exploitable · no authentication required · low complexity · no patch available · critical severity · unauthenticated network access
Exploitability
Moderate exploit probability (EPSS 8.3%)
Affected products (1)
Product: All HASP SRM Sentinel HASP and Sentinel LDK: products prior to Sentinel LDK RTE 7.55
Affected Versions: < sentinel ldk rte 7.55
Fix Status: No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the Sentinel License Manager service port using firewall rules; allow only engineering workstations and authorized systems that need licensing services
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade HASP SRM Sentinel and Sentinel LDK to version 7.55 or later
Mitigations - no patch available
All HASP SRM Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.55 have reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Place Sentinel License Manager on a protected network segment (DMZ or internal licensing subnet) and block inbound access from the Internet and untrusted business networks
HARDENING: If remote access to the licensing infrastructure is required, route all connections through a VPN with current security updates and place the VPN gateway on a hardened network segment
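
An added example, not part of the advisory or of any vendor tooling: a Python audit that combines the prerequisites listed above (vulnerable version, network reachability) with the allowlist workaround and reports firewall rules that expose the license service on unpatched hosts. The inventory, subnets, rules and the port value 1947 are assumptions; the advisory does not state the port, so confirm it for your deployment.

```python
import ipaddress

LM_PORT = 1947   # assumption: port is not stated in the advisory; confirm locally
FIXED = (7, 55)  # first fixed Sentinel LDK RTE version per the advisory

def is_vulnerable(rte_version):
    """True when an RTE version string such as '7.54' is older than 7.55."""
    major, minor = (int(p) for p in rte_version.split(".")[:2])
    return (major, minor) < FIXED

def exposed_rules(host_ip, rules, allowed_sources):
    """Allow rules (order and denies ignored) opening LM_PORT beyond the allowlist."""
    allowed = [ipaddress.ip_network(n) for n in allowed_sources]
    host = ipaddress.ip_address(host_ip)
    hits = []
    for action, src, dst, port in rules:
        opens_port = action == "allow" and port in (LM_PORT, "any")
        if not opens_port or host not in ipaddress.ip_network(dst):
            continue
        src_net = ipaddress.ip_network(src)
        # A source is acceptable only if it sits entirely inside an allowed subnet.
        if not any(src_net.subnet_of(a) for a in allowed):
            hits.append((action, src, dst, port))
    return hits

def audit(inventory, rules, allowed_sources):
    """Map each vulnerable host to the rules that expose its license service."""
    findings = {}
    for host in inventory:
        hits = exposed_rules(host["ip"], rules, allowed_sources) if is_vulnerable(host["rte"]) else []
        if hits:
            findings[host["name"]] = hits
    return findings

# Constructed sample data (hypothetical hosts, subnets and rules).
INVENTORY = [
    {"name": "eng-ws-01", "ip": "10.20.0.15", "rte": "7.54"},
    {"name": "lic-srv-01", "ip": "10.20.0.10", "rte": "7.50"},
    {"name": "hmi-03", "ip": "10.30.0.7", "rte": "7.60"},
]
RULES = [  # (action, source CIDR, destination CIDR, port)
    ("allow", "10.20.0.0/24", "10.20.0.10/32", 1947),
    ("allow", "192.168.0.0/16", "10.20.0.0/24", "any"),
    ("allow", "0.0.0.0/0", "10.30.0.7/32", 1947),
    ("deny", "0.0.0.0/0", "0.0.0.0/0", "any"),
]
ALLOWED = ["10.20.0.0/24"]  # engineering workstation subnet

if __name__ == "__main__":
    print(audit(INVENTORY, RULES, ALLOWED))
```

The check is deliberately conservative: it reports every over-broad allow rule for review instead of modelling rule precedence, and it skips hosts already at 7.55 or later.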