OTPulse
FeedAboutContact

Millbeck Communications Proroute H685t-w

Plan Patch8.8ICS-CERT ICSA-24-261-02Sep 17, 2024
Attack VectorNetwork
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

Millbeck Communications Proroute H685t-w contains vulnerabilities (CWE-77, CWE-79) that could allow an attacker with login credentials to execute arbitrary commands on the device's operating system.

What this means
What could happen
An attacker with valid credentials could run arbitrary commands on the Proroute H685t-w router, potentially altering routing configuration, disrupting network connectivity for control systems, or establishing persistence on the device.
Who's at risk
Organizations operating Millbeck Communications Proroute H685t-w routers as network infrastructure in industrial control systems, particularly water utilities, electric utilities, and manufacturing facilities that rely on this device for segmentation or remote connectivity.
How it could be exploited
An attacker with login credentials (e.g., obtained through social engineering, credential reuse, or phishing) accesses the Proroute H685t-w management interface over the network. The attacker then exploits command injection or script injection vulnerabilities to execute arbitrary OS-level commands with device privileges.
Prerequisites
  • Valid login credentials to the Proroute H685t-w management interface
  • Network access to the management port of the device
  • Device running vulnerable firmware version 3.2.334 or earlier
Remotely exploitableAuthentication required (reduces immediate risk)Low complexity attackDevice is network infrastructure componentHigh CVSS score (8.8)
Exploitability
Low exploit probability (EPSS 0.6%)
Affected products (1)
ProductAffected VersionsFix Status
Proroute H685t-w: 3.2.3343.2.3343.2.335 or higher
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDRestrict network access to the Proroute H685t-w management interface using firewall rules; allow only authorized engineering workstations
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Proroute H685t-w firmware to version 3.2.335 or higher
Long-term hardening
0/2
HARDENINGIsolate control system networks and the Proroute H685t-w router behind firewalls separate from business networks
HARDENINGImplement VPN with multi-factor authentication for any required remote access to the device
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/9613a4e1-f737-4bb7-81fa-dcc4018441c8
Millbeck Communications Proroute H685t-w | CVSS 8.8 - OTPulse