OTPulse
FeedAboutContact

ETIC Telecom RAS Authentication

Plan Patch7.1ICS-CERT ICSA-23-208-01Jul 27, 2023
Attack VectorAdjacent
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

ETIC Telecom RAS versions 4.7.0 and earlier contain an unauthenticated administration interface (CWE-1188) that allows an attacker on the local network to reconfigure the device or cause a denial-of-service condition. The RAS is a remote access solution used in control system environments. No public exploits are known. The vulnerability is not remotely exploitable and requires local network access.

What this means
What could happen
An attacker on the local network could reconfigure the RAS device or disrupt its operation by sending malicious requests to the unauthenticated administration interface, potentially affecting remote access or control system connectivity.
Who's at risk
Water utilities and electric utilities that use ETIC Telecom RAS devices for remote access and management should assess their exposure. The RAS is a remote access server used to manage control system devices and networks, so compromise could affect the availability and integrity of any connected systems.
How it could be exploited
An attacker must be on the same local network segment as the RAS device. They send HTTP requests to the administration interface (port typically 80 or 8080) to modify device settings or trigger a denial-of-service condition. No authentication is required in versions up to 4.7.0 because the administration interface lacks credential validation.
Prerequisites
  • Local network access to the RAS device administration interface (typically HTTP/HTTPS)
  • RAS firmware version 4.7.0 or earlier
  • Administration interface must be reachable from the attacker's network segment
no authentication requiredlow complexitylocal network access requiredaffects remote access systemdefault configuration is insecure
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
ProductAffected VersionsFix Status
RAS: <= 4.7.0≤ 4.7.04.9.0
Remediation & Mitigation
0/5
Do now
0/2
WORKAROUNDEnable password protection on the administration interface via Setup > Security > Administration, create an administrator account, and enable the 'Password protect the configuration interface' setting
HARDENINGConfigure the administration interface to use HTTPS only via Setup > Security > Administration
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate ETIC Telecom RAS firmware to version 4.9.0 or later
Long-term hardening
0/2
HARDENINGIsolate the RAS device behind a firewall and restrict access to the administration interface to authorized management networks only
HARDENINGSegment control system networks from business networks and the Internet
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e176aba0-788a-48e5-bd71-98525dbd8d33
ETIC Telecom RAS Authentication | CVSS 7.1 - OTPulse