Introduction

The disclosure of multiple significant security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol poses serious risks to industrial environments. If exploited [3], these vulnerabilities could cause major disruptions [2], including device crashes and remote code execution [4], and they highlight the urgent need for stronger cybersecurity measures in industrial settings [2].

Description

Five security vulnerabilities have been identified in two implementations of the Manufacturing Message Specification (MMS) protocol [1] [2] [3] [5], posing serious risks to industrial environments [2]. If exploited [3], they can lead to major disruptions [2], including attackers crashing industrial devices or achieving remote code execution [1] [2] [3]. MMS is an OSI application-layer messaging protocol widely used in industrial automation, carrying communication between intelligent electronic devices (IEDs) [1], sensors [2], supervisory control and data acquisition (SCADA) systems [1], and programmable logic controllers (PLCs) [1].

The vulnerabilities affect MZ Automation's libIEC61850 library and Triangle MicroWorks' TMW IEC 61850 library [1]. Both libraries were patched in September and October 2022 following responsible disclosure [1]; note that products which embed either library remain exposed until their vendors ship firmware built against the fixed versions. Additionally, Siemens SIPROTEC 5 IEDs were found to be running an outdated MMS protocol stack [4], illustrating the gap between contemporary security requirements and legacy industrial protocol implementations [4].

One notable vulnerability, CVE-2022-38138 in the TMW IEC 61850 library [1], has a CVSS score of 7.5 and involves access of an uninitialized pointer [1], which can lead to a denial-of-service (DoS) condition. The implications of these vulnerabilities are severe [2]: financial losses from downtime and recovery efforts [2], safety risks to workers from malfunctioning devices [2], and the possibility of data breaches if attackers gain control of a device and extract sensitive operational information [2]. Separate vulnerabilities have also been reported in Espressif's ESP-NOW and Beckhoff Automation's TwinCAT/BSD [4], underscoring the broader security challenges faced by industrial protocols and the urgent need for stronger cybersecurity measures in industrial settings.
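As an added illustration (not code from the page, from the researchers, or from either library's source), the following C sketch shows the weakness class named for CVE-2022-38138, access of an uninitialized pointer, in a made-up TLV message decoder beside a hardened version. The frame layout, tag values and function names are invented for this example and say nothing about where the real bug was in the TMW code.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed illustration of CWE-824 (Access of Uninitialized Pointer).
 * The frame format, tags and functions are invented for this example;
 * they are NOT the TMW or libIEC61850 code and do not reproduce the
 * actual CVE-2022-38138 root cause.
 *
 * Frame: a sequence of TLV elements, each <tag:1><len:1><value:len>.
 */
#define TAG_VALUE 0x83
#define TAG_OTHER 0x84

/* Vulnerable decoder: 'val' is only assigned when TAG_VALUE is present. */
int decode_value_vuln(const uint8_t *buf, size_t len, uint8_t *out)
{
    const uint8_t *val;            /* BUG: never initialized */
    size_t i = 0;

    while (i + 2 <= len) {
        uint8_t tag = buf[i];
        uint8_t l   = buf[i + 1];
        if (i + 2 + (size_t)l > len)
            return -1;             /* truncated element */
        if (tag == TAG_VALUE && l == 1)
            val = &buf[i + 2];
        i += 2 + l;
    }
    /* If no TAG_VALUE element was seen, this dereferences an indeterminate
     * pointer: on a real device that is typically a crash (DoS). */
    *out = *val;
    return 0;
}

/* Hardened decoder: initialize, then treat "not found" as an error. */
int decode_value_fixed(const uint8_t *buf, size_t len, uint8_t *out)
{
    const uint8_t *val = NULL;     /* FIX 1: known state on every path */
    size_t i = 0;

    while (i + 2 <= len) {
        uint8_t tag = buf[i];
        uint8_t l   = buf[i + 1];
        if (i + 2 + (size_t)l > len)
            return -1;
        if (tag == TAG_VALUE && l == 1)
            val = &buf[i + 2];
        i += 2 + l;
    }
    if (val == NULL)               /* FIX 2: reject before dereferencing */
        return -2;
    *out = *val;
    return 0;
}

/* Constructed sample frames. */
static const uint8_t FRAME_GOOD[]      = { TAG_OTHER, 2, 0xAA, 0xBB, TAG_VALUE, 1, 0x2A };
static const uint8_t FRAME_MISSING[]   = { TAG_OTHER, 2, 0xAA, 0xBB };      /* no TAG_VALUE */
static const uint8_t FRAME_TRUNCATED[] = { TAG_VALUE, 5, 0x01 };             /* len says 5, only 1 byte */

/* Small wrappers so the outcomes can be checked programmatically:
 * return the decoded byte on success, or the negative error code. */
int demo_vuln_good(void)      { uint8_t v = 0; int rc = decode_value_vuln(FRAME_GOOD, sizeof FRAME_GOOD, &v);   return rc == 0 ? v : rc; }
int demo_fixed_good(void)     { uint8_t v = 0; int rc = decode_value_fixed(FRAME_GOOD, sizeof FRAME_GOOD, &v);  return rc == 0 ? v : rc; }
int demo_fixed_missing(void)  { uint8_t v = 0; return decode_value_fixed(FRAME_MISSING, sizeof FRAME_MISSING, &v); }
int demo_fixed_truncated(void){ uint8_t v = 0; return decode_value_fixed(FRAME_TRUNCATED, sizeof FRAME_TRUNCATED, &v); }

int main(void)
{
    printf("vuln/good       -> 0x%02X\n", demo_vuln_good());
    printf("fixed/good      -> 0x%02X\n", demo_fixed_good());
    printf("fixed/missing   -> rc=%d\n",  demo_fixed_missing());
    printf("fixed/truncated -> rc=%d\n",  demo_fixed_truncated());
    /* decode_value_vuln(FRAME_MISSING, ...) is deliberately not called:
     * it reads through an indeterminate pointer. Build the vulnerable
     * version with a sanitizer (e.g. -fsanitize=memory) to see the report. */
    return 0;
}
```

The point for reviewers of protocol decoders is the two-part fix: every pointer that is conditionally assigned gets a defined initial value, and the "element absent" case is rejected explicitly instead of falling through to the dereference. A fuzzer or sanitizer run against the decoder with the optional element removed is the cheapest way to catch this class before it ships in a device.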

Conclusion

The identified vulnerabilities in MMS protocol implementations underscore the need for ongoing vigilance and proactive cybersecurity measures in industrial environments. Applying the patched library versions, and the vendor firmware updates for products that embed those libraries, is essential to prevent exploitation. Bringing legacy systems, such as devices still running outdated MMS stacks, into line with contemporary security standards is equally important to safeguarding industrial operations. As industrial protocols continue to evolve, a robust cybersecurity framework will be imperative to protect against emerging threats and ensure the resilience of industrial systems.

References

[1] https://thehackernews.com/2024/10/researchers-uncover-major-security.html
[2] https://krofeksecurity.com/revolutionizing-industrial-security-unveiling-critical-vulnerabilities-mms-protocol-libraries/
[3] https://news.backbox.org/2024/10/09/researchers-uncover-major-security-vulnerabilities-in-industrial-mms-protocol-libraries/
[4] https://thenimblenerd.com/article/industrial-protocols-under-siege-vulnerabilities-threaten-to-crash-the-factory-party/
[5] https://www.linkedin.com/posts/wdevault_researchers-uncover-major-security-vulnerabilities-activity-7249806532551344129-si2z