GE PACSystems CPE305/310, CPE330, CPE400, RSTi-EP CPE 100, CPU320/CRU320, RXi Improper Input Validation (CVE-2018-8867)

high Tenable OT Security Plugin ID 500159

Synopsis

The remote OT asset is affected by a vulnerability.

Description

In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

GE has released the following firmware to mitigate the vulnerability (login required):

IC695CPE305 – https://digitalsupport.ge.com/communities/en_US/Download/IC695CPE305-PACSystems-RX3i-CPU-DN – Upgrade Kit:
CPE305_FW9_40_41G1733-MS10-000-A17.zip

IC695CPE310 – https://digitalsupport.ge.com/communities/en_US/Download/IC695CPE310-PACSystems-RX3i-CPU-DN – Upgrade Kit:
CPE310_FW9_40_41G1734-MS10-000-A17.zip

IC695CPE330 – https://digitalsupport.ge.com/communities/en_US/Download/IC695CPE330-PACSystems-RX3i-CPU-DN – Upgrade Kit:
CPE330_FW9_40_41G2016-FW01-000-A11.zip

IC695CPE400 – https://digitalsupport.ge.com/communities/en_US/Download/IC695CPE400-PACSystems-RX3i-Rackless-CPU-with- Field-Agent – Upgrade Kit: CPE400_FW9_40_41G2376-FW01-000-A3.zip

For CPE100 the newest firmware can be obtained through the following link:

https://digitalsupport.ge.com/communities/en_US/Download/EPSCPE100-RSTi-EP-CPU-Firmware

GE reports that CPU/CRU320 is end of life, and there is a direct upgrade path available to users.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-18-137-01

http://www.securityfocus.com/bid/104241

Plugin Details

Severity: High

ID: 500159

Version: 1.6

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2018-8867

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:ge:pacsystems_rx3i_cpe305_firmware, cpe:/o:ge:pacsystems_rx3i_cpe310_firmware, cpe:/o:ge:rx3i_cpe330_firmware, cpe:/o:ge:rx3i_cpe_400_firmware

Required KB Items: Tenable.ot/GE

Exploit Ease: No known exploits are available

Patch Publication Date: 5/18/2018

Vulnerability Publication Date: 5/18/2018

Reference Information

CVE: CVE-2018-8867

CWE: 20