GE Multilin UR / URPlus / B95Plus Protection Relay Cryptographic Algorithm Weakness Information Disclosure (UR-2017-0001)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The firmware installed on the remote GE Multilin UR, URPlus, or
B95Plus protection relay device is affected by an information
disclosure vulnerability.

Description :

The firmware version installed on the remote GE Multilin UR, URPlus,
or B95Plus protection relay device is affected by an information
disclosure vulnerability because ciphertexts are generated with
non-random initialization vectors. An unauthenticated, remote attacker
can exploit this by conducting a dictionary attack to disclose user
passwords.

See also :

https://ics-cert.us-cert.gov/advisories/ICSA-17-117-01A
http://www.nessus.org/u?f1207203
http://www.nessus.org/u?eacc84fc

Solution :

Upgrade the firmware on the GE Multilin device :

- UR : 5.83 / 5.92 / 6.02 or later
- URPlus : 1.86 / 1.92 or later
- B95Plus : 1.0.3 or later

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)

Family: SCADA

Nessus Plugin ID: 100462

Bugtraq ID: 98063

CVE ID: CVE-2017-7905
