SecurityWeek

Cisco Finds 8 Vulnerabilities in OAS Industrial IoT Data Platform

Vulnerabilities identified in the OAS Platform could be exploited to bypass authentication, leak sensitive information, and overwrite files.

Multiple vulnerabilities in the Open Automation Software (OAS) Platform can be exploited to bypass authentication, leak sensitive information, and overwrite files, Cisco warns.

Enabling communication and data transfer between servers, industrial control systems (ICS), IoT, and other types of devices, the OAS Platform is typically used in industrial operations and enterprise environments. It also supports logging and notifications, and cross-platform integrations.

On Wednesday, Cisco’s Talos security researchers disclosed eight vulnerabilities identified in the OAS Platform’s engine configuration management functionality, which allows users to load and save configurations to a disk and install them on other devices. Three of the bugs are rated high-severity.

The most important of these are CVE-2023-31242 and CVE-2023-34998, two authentication bypass flaws that can be exploited using specially crafted requests. The first can be triggered using a sequence of requests, while the second can be triggered by sniffing network traffic.

The first issue is rooted in the fact that, by default, when the OAS engine is installed, no admin user is set and no authentication is required to access functionality such as new user creation. Even if an admin user is created, the configuration needs to be saved before the engine restarts; otherwise, it will revert to the default.

An attacker could use special requests to check if unauthenticated access is possible and could then create new users, save the configuration, and potentially gain access to the underlying system.

The second flaw allows an attacker to capture a protobuf containing valid administrator credentials and use it to create their own requests. The attacker could then access the user creation and save functionality to gain access to the underlying system.
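The replay problem described above, as a generic model added here (it is not OAS code or the OAS wire protocol, which the article does not detail): a server that accepts a static credential blob, beside one that binds each request to a single-use nonce with an HMAC. All names, the key and the message layout are constructed for illustration.

```python
import hashlib
import hmac
import secrets

ADMIN_KEY = b"constructed-demo-secret"  # constructed value, not an OAS credential

def sign(key: bytes, nonce: bytes, action: bytes) -> bytes:
    """MAC over nonce and action; the key itself never crosses the wire."""
    return hmac.new(key, nonce + b"|" + action, hashlib.sha256).digest()

class StaticCredentialServer:
    """Weak model: every request carries the same credential bytes."""
    def __init__(self, credential: bytes):
        self._credential = credential
    def handle(self, request: dict) -> bool:
        return hmac.compare_digest(request["credential"], self._credential)

class ChallengeResponseServer:
    """Hardened model: each request is bound to a single-use server nonce."""
    def __init__(self, key: bytes):
        self._key, self._open_nonces = key, set()
    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._open_nonces.add(nonce)
        return nonce
    def handle(self, request: dict) -> bool:
        nonce = request["nonce"]
        if nonce not in self._open_nonces:
            return False  # unknown or already consumed nonce: a replay
        self._open_nonces.discard(nonce)  # single use, even if the MAC is bad
        expected = sign(self._key, nonce, request["action"])
        return hmac.compare_digest(request["mac"], expected)

def demo() -> dict:
    weak = StaticCredentialServer(ADMIN_KEY)
    captured = {"credential": ADMIN_KEY, "action": b"save_config"}  # sniffed message
    reused = dict(captured, action=b"create_user")  # credential lifted into a new request
    strong = ChallengeResponseServer(ADMIN_KEY)
    n1 = strong.challenge()
    legit = {"nonce": n1, "action": b"save_config", "mac": sign(ADMIN_KEY, n1, b"save_config")}
    n2 = strong.challenge()
    reused_mac = {"nonce": n2, "action": b"create_user", "mac": legit["mac"]}
    return {
        "weak_accepts_reused_credential": weak.handle(reused),
        "strong_accepts_legit": strong.handle(legit),
        "strong_accepts_replay": strong.handle(legit),
        "strong_accepts_reused_mac": strong.handle(reused_mac),
    }
```

The MAC only stops reuse of a captured message; it does not hide request contents, so transport encryption is still needed against the sniffing itself.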

These authentication bypass flaws, Cisco warns, could be combined with CVE-2023-34317, an improper input validation bug in the user creation functionality, to add “a user with the username field containing an SSH key” and gain access to the underlying system.

Another high-severity authentication bypass, CVE-2023-34353, allows an attacker to perform network sniffing to capture the protobuf containing admin credentials and then decrypt sensitive information.

Two of the remaining vulnerabilities could lead to information disclosure, while the other two may be exploited for arbitrary file creation or overwrite and for arbitrary directory creation.

All issues were identified in OAS Platform version 18 and were addressed with the release of version 19.00.0000 of the solution.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
