Delta Electronics COMMGR Insufficient Randomization Session ID Brute Force Vulnerability Allowing Arbitrary Code Execution

A vulnerability exists in Delta Electronics COMMGR versions 1 and 2 due to the use of insufficiently randomized values for generating session IDs. This flaw allows attackers to easily brute force session IDs, potentially leading to unauthorized access and execution of arbitrary code within the application. The vulnerability arises from the use of cryptographically weak pseudo-random number generators, which fail to provide adequate randomness for secure session management.

Impact

Exploitation of this vulnerability could enable remote access to the AS3000Simulator family within the COMMGR software, allowing for the execution of arbitrary code.

Remediation

Delta Electronics is actively working on a fix for COMMGR version 2. Users of COMMGR version 1, which has reached end of life, are advised to minimize network exposure for control system devices and software, use secure remote access methods like VPNs, and isolate control system networks from business networks. Additional guidance is available on the CISA website.