OTPulse

MegaSys Computer Technologies Telenium Online Web Application (Update A)

Act Now | CVSS 9.8 | ICS-CERT ICSA-24-263-04 | Sep 19, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Telenium Online Web Application versions 8.3 and earlier contain a code injection vulnerability that allows an attacker to inject arbitrary Perl code through a crafted HTTP request, resulting in remote code execution on the server. The vulnerability has a CVSS score of 9.8 and requires no authentication or user interaction. MegaSys Computer Technologies has released patched versions (v8.3.36 and v7.4.72).

What this means
What could happen
An attacker could inject Perl code through the web interface and run arbitrary commands on the Telenium Online server, potentially allowing them to modify operational data, disrupt remote monitoring, or take control of connected systems.
Who's at risk
Oil and gas operators using Telenium Online Web Application for remote monitoring and control should be concerned. This affects any facility relying on the browser-based interface for operational visibility or command issuance.
How it could be exploited
An attacker sends a crafted HTTP request containing Perl code to the Telenium Online Web Application. The server processes the request without proper input validation and executes the injected code, giving the attacker command execution on the host system.
Prerequisites
  • Network access to the Telenium Online Web Application HTTP/HTTPS interface
  • The web/browser-based interface must be enabled
Risk factors: remotely exploitable; no authentication required; low complexity; high CVSS score (9.8); affects remote monitoring systems
Exploitability
Moderate exploit probability (EPSS 1.9%)
Affected products (1)
Product | Affected Versions | Fix Status
Telenium Online Web Application | ≤ 8.3 | v8.3.36 or v7.4.72
Remediation & Mitigation
Do now
  • WORKAROUND: Disable the web/browser-based interface until patching can be completed
  • HARDENING: Restrict network access to the Telenium Online Web Application; ensure it is not accessible from the internet and place it behind a firewall
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Upgrade Telenium Online Web Application to v8.3.36 or later (or to v7.4.72 if on the v7.x branch)
Long-term hardening
  • HARDENING: If remote access is required, implement a VPN with current security patches