Softing’s Security Slip-Up: Edge Your Bets Against ClearText and Path Traversal Flaws!

“EdgeConnector Exposed: Simple Hacks for Complex Attacks!” – Your sensitive data might be taking a stroll down Cleartext Lane, thanks to Softing’s edgeConnector’s vulnerabilities. Update before hackers RSVP to your network’s party! #CybersecurityFauxPas

Hot Take:

Oh no, not another “cleartext transmission” thriller and its sidekick “path traversal” menace! If cybersecurity were a comic book, these vulnerabilities would be the overused villains always snooping around our sensitive data. Softing’s edgeConnector and edgeAggregator are donning their capes, ready to fight off the cyber rogues with their shiny new update. Buckle up, folks; it’s patching time!

Key Points:

  • Softing’s edgeConnector and edgeAggregator have been caught with their digital pants down, exposing clear-as-day sensitive data and a path traversal flaw. Uh-oh, spaghettio!
  • Bring out the virtual measuring tape, because we’ve got a CVSS v3 score of 7.2 for the path traversal and a whopping 8.0 for the info strip show!
  • If you’re using the affected products, it’s time for a software wardrobe change to version 3.70 or greater. Dress for the job you want, not the one with security holes.
  • The vulnerabilities were sniffed out by the cyber bloodhounds at STAR Labs SG Pte. Ltd. and Claroty Team82, in collaboration with Trend Micro Zero Day Initiative. Good boys!
  • CISA swings in with mitigation advice, basically saying, “Keep your control systems off the grid, folks, and when you VPN, VPN hard!”
Title: Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability
Cve id: CVE-2023-38126
Cve state: PUBLISHED
Cve assigner short name: zdi
Cve date updated: 12/19/2023
Cve description: Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of backup zip files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this to execute code in the context of root. Was ZDI-CAN-20543.

Title: Cleartext Transmission of Sensitive Information in Softing edgeConnector and edgeAggregator
Cve id: CVE-2024-0860
Cve state: PUBLISHED
Cve assigner short name: icscert
Cve date updated: 03/14/2024
Cve description: The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.

Need to know more?

Attackers' Playground

So, here's the gist: Softing's edgeConnector and edgeAggregator, both rocking version 3.60, are like an open diary to any attacker with admin access. They can waltz right in, read your secrets, and write all over your files like a toddler with a crayon. Not ideal.

Secrets in the Air

Now, imagine sending love letters through a paper airplane in a park full of nosy people. That's what the cleartext transmission vulnerability feels like. Any Tom, Dick, or Hacker with a packet sniffer can intercept your digital love notes and even pen their own replies. Cue the dramatic gasp!

The Patchwork Hero

But fear not, for there is a hero in our midst, and its name is Update! By upgrading to version 3.70, you can slap on some armor against these dastardly exploits. It's like going from a paper airplane to a stealth bomber in terms of sending those love notes. Much better.

The Cyber Sleuths

A tip of the hat to Pan ZhenPeng, Li JianTao, and the vigilant folks at Claroty Team82. These cybersecurity detectives did the digital equivalent of dusting for fingerprints and caught the vulnerabilities red-handed. Well done, chaps!

CISA's Words of Wisdom

Last but not least, CISA, akin to a wise old sensei, bestows upon us the knowledge to fend off these cyber vermin. Their advice rings clear: Keep your systems off the internet playground, guard them with the digital equivalent of a firewall moat, and if you must venture into the wild web, use a VPN shield. And remember, always think before you click, lest you fall for the oldest trick in the book – the dreaded phishing scam.

And there you have it. The world of cybersecurity never sleeps, and neither do the vulnerabilities. But with vigilance and timely updates, we can keep our digital diaries locked and our paper airplanes flying high and secure.

Tags: Cleartext Information Exposure, Critical Manufacturing Sector, CVSS v3.1, Industrial Control Systems security, path traversal vulnerability, Softing edgeConnector, vulnerability mitigation