OTPulse

Franklin Fueling System EVO 550/5000

Plan Patch | CVSS 7.5 | ICS-CERT ICSA-24-079-01 | Mar 19, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Franklin Fueling Systems EVO 550 and EVO 5000 contain a vulnerability that allows an attacker to read arbitrary files on the system. The vulnerability affects versions below 2.26.3.8963.

What this means
What could happen
An attacker could read sensitive files on your fuel dispenser control system, potentially exposing configuration data, passwords, or operational parameters. This could enable further attacks or unauthorized access to the fueling infrastructure.
Who's at risk
Fuel station operators and fuel retailers managing Franklin Fueling Systems EVO 550 and EVO 5000 dispensers. These are common in both brand-name fuel stations and independent fueling networks that rely on centralized control and management of dispenser fleets.
How it could be exploited
An attacker with network access to the EVO 550 or EVO 5000 could send requests to read arbitrary files without authentication. No specific interaction is required from users or operators—the attack succeeds remotely on vulnerable systems.
Prerequisites
  • Network access to the EVO 550 or EVO 5000 control system
  • No authentication required
Tags: remotely exploitable, no authentication required, low complexity, information disclosure, affects critical fuel infrastructure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2), 2 with fix
Product | Affected Versions | Fix Status
EVO 550 | <2.26.3.8963 | 2.26.3.8963
EVO 5000 | <2.26.3.8963 | 2.26.3.8963
Remediation & Mitigation
Do now
  • HARDENING: Restrict network access to EVO 550 and EVO 5000 control systems; do not expose them directly to the internet
  • HARDENING: Place EVO 550 and EVO 5000 systems behind a firewall and isolate them from business networks
  • WORKAROUND: If remote access is required, use a VPN or other secure tunnel and ensure VPN software is kept current
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Update EVO 550 and EVO 5000 to firmware version 2.26.3.8963 or later