JTEKT TOYOPUC Products
Monitor4.3ICS-CERT ICSA-21-245-02Sep 2, 2021
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary
JTEKT TOYOPUC industrial Ethernet switches and hubs are vulnerable to a resource exhaustion attack (CWE-770) affecting all models and versions. Successful exploitation allows a remote attacker to deny or disrupt Ethernet communications between connected devices without authentication. This affects a wide range of JTEKT network products including the Plus BUS-EX, PC10 series, Nano series, and EF10 families. The vendor has indicated no fix is available for any affected product.
What this means
What could happen
An attacker with network access to JTEKT industrial switches and hubs could flood or disrupt Ethernet communications, causing temporary loss of connectivity between control devices or field sensors and the PLC.
Who's at risk
Any facility using JTEKT industrial Ethernet switches, hubs, or network interface modules for control system communications should be concerned. This includes water utilities, electric utilities, and manufacturing plants that rely on JTEKT Plus, PC10, Nano, or EF10 series network devices for PLC-to-sensor or PLC-to-SCADA communication.
How it could be exploited
An attacker on the same network segment or with network-layer access to a JTEKT switch/hub could send specially crafted network packets that exhaust the device's resource handling, causing it to drop legitimate traffic or cease forwarding frames between ports.
Prerequisites
- Network access to the same subnet as the affected JTEKT device or routable path to it
- No authentication required to send traffic to the device
No patch availableLow complexityRemotely exploitableAffects industrial network infrastructure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (27)
27 EOL
ProductAffected VersionsFix Status
Plus BUS-EX TCU-6900: All versionsAll versionsNo fix (EOL)
Nano Safety RS00IP TUU-1086: All versionsAll versionsNo fix (EOL)
PC10P-DP TCC-6726: All versionsAll versionsNo fix (EOL)
Plus EX TCU-6741: All versionsAll versionsNo fix (EOL)
Nano 2ET TUU-6949: All versionsAll versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/1HARDENINGClose unused LAN ports on JTEKT hubs using LAN port lock feature to prevent unauthorized device connections
Mitigations - no patch available
0/3The following products have reached End of Life with no planned fix: Plus BUS-EX TCU-6900: All versions, Nano Safety RS00IP TUU-1086: All versions, PC10P-DP TCC-6726: All versions, Plus EX TCU-6741: All versions, Nano 2ET TUU-6949: All versions, PC10PE-1616P TCC-1102: All versions, PC10B-E/C TCU-6521: All versions, 2PORT-EFR THU-6404: All versions, Plus EX2 TCU-6858: All versions, PC10GE TCC-6464: All versions, Nano 10GX TUC-1157: All versions, Plus 2P-EFR TCU-6929: All versions, PC10P TCC-6372: All versions, Nano CPU TUC-6941: All versions, Plus CPU TCC-6740: All versions, PC10E TCC-4637: All versions, PC10B TCC-1021: All versions, Plus EFR TCU-6743: All versions, PC10B-P TCC-6373: All versions, EF10 TCU-6982: All versions, PC10PE TCC-1101: All versions, PC10P-DP-IO TCC-6752: All versions, PC10G-CPU TCC-6353: All versions, Nano Safety TUC-1085: All versions, FL/ET-T-V2H THU-6289: All versions, Nano Safety RS01IP TUU-1087: All versions, Plus EFR2 TCU-6859: All versions. Apply the following compensating controls:
HARDENINGIsolate control system networks and remote devices behind firewalls, separating them from the business network
HARDENINGImplement network segmentation to minimize internet exposure for all JTEKT switches and hubs; ensure they are not accessible from the internet
HARDENINGUse secure methods such as VPNs for remote access when required; maintain VPN software at the most current version
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/5b7edef6-f36c-4c82-8d78-bed691b0c0fd