The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory concerning a high-severity vulnerability in the RAD Data Communications SecFlow-2 switch/router. This industrial switch, which is built for harsh environments, has been found to have a critical path traversal vulnerability identified as CVE-2019-6268. This flaw allows unauthorized access to sensitive system files, potentially exposing password hashes and other critical data.
The vulnerability was publicly disclosed in early March 2024 when a proof-of-concept (PoC) exploit was released on the Packet Storm website. The exploit allows attackers to craft requests that bypass directory restrictions, thereby accessing files that should be protected. This issue is particularly concerning for industrial control systems (ICS) and operational technology (OT), as exposure of such sensitive information can lead to severe security risks.
CISA notified RAD Data Communications about the vulnerability, but since the SecFlow-2 switch has reached its end of life (EOL), the vendor has recommended that users upgrade to the newer SecFlow-1p industrial IoT gateway. Despite this, many devices are still in use globally, and the outdated equipment remains vulnerable to exploitation.
To mitigate risks, CISA has provided general recommendations for improving security. Organizations are advised to implement these recommendations to safeguard their systems against potential malicious attacks exploiting the identified vulnerability. The advisory highlights the importance of upgrading outdated equipment and following best practices to enhance overall cybersecurity.
Reference:
