Güralp Systems Fortimus, Minimus, and Certimus Series Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in the web interface of the Güralp Systems Fortimus Series, Minimus Series, and Certimus Series. It allows an unauthenticated attacker with network access to send specially crafted HTTP requests that cause the web service process to restart; the restart is a deliberate recovery mechanism of the device. While this restart mechanism limits the overall impact of the attack, it creates a temporary denial-of-service condition while the process restarts.
Impact
Exploitation of this vulnerability leads to a temporary denial-of-service condition, causing the web service process to restart and briefly interrupting service availability.
Remediation
CISA recommends minimizing network exposure for control system devices and ensuring they are not accessible from the internet. Control system networks and remote devices should be located behind firewalls and isolated from business networks. When remote access is necessary, use secure methods such as Virtual Private Networks (VPNs), keeping in mind that VPNs may themselves have vulnerabilities and should be kept updated to the latest version. Organizations should perform a proper impact analysis and risk assessment before deploying defensive measures.