Hughes Network Systems WL3000 Fusion Software
Monitor | 6.5 | ICS-CERT ICSA-24-249-01 | Sep 5, 2024
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
The WL3000 Fusion Software contains credential storage and encryption weaknesses (CWE-522, CWE-311) that could allow a local attacker to obtain read-only access to network configuration information and terminal configuration data. The vulnerabilities are not remotely exploitable and require an attacker to be on the same local network segment. No public exploitation has been reported.
What this means
What could happen
An attacker with local network access to a WL3000 Fusion device could read network and terminal configuration information, potentially exposing settings used by satellite communication systems or SCADA management networks.
Who's at risk
Operators of Hughes Network Systems WL3000 Fusion satellite communication management systems, particularly those used in utility SCADA networks, remote office operations, or multi-site management platforms. This affects any organization relying on WL3000 for network or terminal configuration.
How it could be exploited
An attacker must be on the same local network segment (Ethernet/wireless) as the WL3000 device. They can then exploit weak credential storage (CWE-522) or unencrypted configuration data transmission (CWE-311) to extract plaintext or poorly protected configuration information without authentication.
Prerequisites
- Local network access to WL3000 device (same subnet or VLAN)
- No authentication required
- Access to configuration interfaces or data streams
- Local network access required (not remote)
- No authentication required
- Low exploit complexity
- Configuration data exposure
- No vendor patch available
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
| Product | Affected Versions | Fix Status |
|---|---|---|
| WL3000 Fusion Software: <2.7.0.10 | <2.7.0.10 | No fix (EOL) |
Remediation & Mitigation
Do now
- HARDENING: Install firewall rules to restrict access to WL3000 devices to only authorized engineering workstations and management systems
- WORKAROUND: Disable remote access to WL3000 unless required; if required, tunnel access through a VPN with current security patches
Mitigations - no patch available
WL3000 Fusion Software: <2.7.0.10 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
- HARDENING: Implement network segmentation: isolate WL3000 Fusion devices on a dedicated VLAN separate from business networks and internet-facing systems
- HARDENING: Monitor WL3000 devices for unauthorized configuration access attempts
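The allowlist and monitoring controls above can be verified against network flow records. The following is an added example, not part of the advisory or any vendor tooling; the addresses, VLAN subnet, ports, and flow-record format are constructed assumptions.

```python
import ipaddress

# All addresses below are constructed private-range placeholders,
# not values from the advisory.
WL3000_DEVICES = {ipaddress.ip_address("10.20.30.10"), ipaddress.ip_address("10.20.30.11")}
AUTHORIZED_SOURCES = {ipaddress.ip_address("10.20.30.50"), ipaddress.ip_address("10.20.30.51")}
WL3000_VLAN = ipaddress.ip_network("10.20.30.0/24")  # assumed dedicated VLAN for the devices

# Constructed flow records in an assumed format: "timestamp src dst dst_port"
SAMPLE_FLOWS = """\
2024-09-05T10:00:01Z 10.20.30.50 10.20.30.10 443
2024-09-05T10:02:17Z 10.20.30.77 10.20.30.10 80
2024-09-05T10:03:40Z 192.168.5.9 10.20.30.11 443
2024-09-05T10:04:02Z 10.20.30.77 10.20.30.200 22
not a flow record
"""

def parse_flow(line):
    """Return (timestamp, src, dst, port) or None if the line is malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return parts[0], ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2]), int(parts[3])
    except ValueError:
        return None

def find_unauthorized_access(flow_text):
    """Flag flows to WL3000 devices from sources outside the allowlist."""
    alerts = []
    for line in flow_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue  # skip malformed lines rather than aborting the scan
        ts, src, dst, port = flow
        if dst not in WL3000_DEVICES or src in AUTHORIZED_SOURCES:
            continue
        # Same-segment sources match the advisory's adjacent attack vector;
        # sources from other networks mean segmentation or firewall rules failed.
        reason = "adjacent-unauthorized" if src in WL3000_VLAN else "segmentation-bypass"
        alerts.append({"time": ts, "src": str(src), "dst": str(dst), "port": port, "reason": reason})
    return alerts

if __name__ == "__main__":
    for alert in find_unauthorized_access(SAMPLE_FLOWS):
        print(alert)
```
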
CVEs (2)