1 Year Warranty
Nozomi Networks discovers flaws in Bently Nevada protection systems.
OT security specialist Nozomi Networks has identified three vulnerabilities on the Baker Hughes Bently Nevada 3500 rack model used to detect and prevent anomalies in rotating machinery such as turbines, compressors, motors, and generators.
Nozomi warns that the most serious of the three vulnerabilities may allow an attacker to bypass the authentication process and obtain complete access to the device by delivering a malicious request.
According to Nozomi, "the development of a patch is not planned due to legacy limitations."
The initial discovery was made by reverse engineering the proprietary protocol used by the device, and Nozomi has confirmed that all of these vulnerabilities affect firmware versions up to 5.05 and later of the /22 TDI Module (both USB and serial versions).
Nozomi suggests the following measures to mitigate the issues.
1. RUN mode vs CONFIG mode: PLCs and control systems often implement physical keys to either put the device in RUN mode or in CONFIG mode. The latter is typically used by technicians during maintenance activities to enable writing permission of new configurations on the device. One common misconfiguration that might occur is to either forget to put back the device into RUN mode after a maintenance activity or opt for a default always-on CONFIG mode to facilitate remote changes. A best practice is to make sure that devices are always kept in RUN mode whenever possible.
2. Network segmentation: Design and implement proper network segmentation strategies to prevent unauthorised parties from interacting with critical assets. This is especially recommended for legacy solutions that are no longer actively supported by vendors.
3. Strong and unique passwords: Make sure to guarantee uniqueness in conjunction with robustness when choosing credentials. The former property is often underestimated but could provide defence in those scenarios where credentials extracted from a vulnerable machine or component could be easily reused over fully patched systems sharing the same credentials.
4. Non-default enhanced security features: Check your device manual for security features that are not enabled by default. Often, these additional features could strongly reduce the likelihood or the impact of a specific vulnerability and mitigate 'hard-to-patch' situations. With respect to Bently Nevada devices, Nozomi Networks recommends customers review the various security levels made available through the configuration utility and choose the one that matches specific needs and security policy.
You may be interest |
|||
ABB |
ALSTOM |
WESTINGHOUSE |
ENTEK |
SAFUR 80F500 |
MMLG02 |
1C31116G02 |
C6691/ICP |
NBRA-656C |
8114-4001 |
5X00109G01 |
E2108/9/0012108-9-001 |
CS31 ECZ FPR3700001R0001 |
8164-4002 |
5X00226G01 |
18605 |
ICSI16E1 FPR3316101R1032 |
8172-4003 |
5X00273G01 |
15244 |
ICSK20F1 FPR3327101R1202 |
8174-4002 |
5X00105G14 |
C6691/IRD |
3BHB004744R0010 XVC517 AE10 |
8211-4303 |
7379A21G02 |
E2172/1/80 |
NGPS13C 3AUA0000042489 |
8261-4154 |
7379A21G01 |
C6622HS 6600/EC6622HS |
PP235 3BSC690102R2 |
8261-4155 |
5X00070G01 |
6688 IRD |
If you have urgent order or inquiry , please contact John to ask price freely.
Disclaimer:
We are not an authorized distributor or distributor of the product manufacturer of this website, The product may have older date codes or be an older series than that available direct from the factory or authorized dealers. Because our company is not an authorized distributor of this product, the Original Manufacturer’s warranty does not apply.
While many PLC products will have firmware already installed, Our company makes no representation as to whether a PLC product will or will not have firmware and, if it does have firmware, whether the firmware is the revision level that you need for your application. Our company also makes no representations as to your ability or right to download or otherwise obtain firmware for the product from our company, its distributors, or any other source. Our company also makes no representations as to your right to install any such firmware on the product. Our company will not obtain or supply firmware on your behalf. It is your obligation to comply with the terms of any End-User License Agreement or similar document related to obtaining or installing firmware.