Schweitzer Engineering Laboratories, Inc. SEL-3620 and SEL-3622 Improper Access Control (CVE-2017-7928)

critical Tenable OT Security Plugin ID 500541

Synopsis

The remote OT asset is affected by a vulnerability.

Description

An Improper Access Control issue was discovered in Schweitzer Engineering Laboratories (SEL) SEL-3620 and SEL-3622 Security Gateway Versions R202 and, R203, R203-V1, R203-V2 and, R204, R204-V1. The device does not properly enforce access control while configured for NAT port forwarding, which may allow for unauthorized communications to downstream devices.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

SEL has determined that, when NAT port forwarding is not used, all routed traffic is filtered properly through the firewall access control lists. If NAT port forwarding is required, SEL recommends that users of affected products contact their SEL Sales Representative or Customer Service Representative to obtain a no-cost firmware upgrade CD-ROM packet including upgrade instructions.

Contact can be made at the following location:

https://selinc.com/support/?categories.Sales

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-17-192-06

http://www.securityfocus.com/bid/99536

Plugin Details

Severity: Critical

ID: 500541

Version: 1.9

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 9/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-7928

CVSS v3

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:selinc:sel-3620_firmware:r204, cpe:/o:selinc:sel-3622_firmware:r203-v1, cpe:/o:selinc:sel-3622_firmware:r204-v1, cpe:/o:selinc:sel-3620_firmware:r203, cpe:/o:selinc:sel-3620_firmware:r203-v, cpe:/o:selinc:sel-3622_firmware:r204, cpe:/o:selinc:sel-3620_firmware:r204-v1, cpe:/o:selinc:sel-3622_firmware:r203, cpe:/o:selinc:sel-3620_firmware:r203-v1, cpe:/o:selinc:sel-3622_firmware:r202, cpe:/o:selinc:sel-3620_firmware:r202, cpe:/o:selinc:sel-3622_firmware:r203-v

Required KB Items: Tenable.ot/SEL

Exploit Ease: No known exploits are available

Patch Publication Date: 8/7/2017

Vulnerability Publication Date: 8/7/2017

Reference Information

CVE: CVE-2017-7928

ICSA: 17-192-06