Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Vendor Fixes Vulnerabilities in Wireless Traffic Sensors

Sensys Networks, a company that provides integrated wireless traffic data systems, announced last week the availability of software updates that address security issues identified last year.

Sensys Networks, a company that provides integrated wireless traffic data systems, announced last week the availability of software updates that address security issues identified last year.

In April, IOActive Labs CTO Cesar Cerrudo revealed the existence of several vulnerabilities in the sensor devices used by the traffic control systems installed in various cities across the United States, Canada, the United Kingdom, France, Australia and China. He conducted real-world tests in various U.S. cities and even simulated an attack launched from a drone.

“By exploiting the vulnerabilities I found, an attacker could cause traffic jams and problems at intersections, freeways, highways, etc,” the researcher explained back in April. “It’s possible to make traffic lights (depending on the configuration) stay green more or less time, stay red and not change to green, or flash. It’s also possible to cause electronic signs to display incorrect speed limits and instructions and to make ramp meters allow cars on the freeway faster or slower than needed.”

Cerrudo contacted the vendor through ICS-CERT in September 2013, but the company said the issues uncovered by the researcher were not critical. Last month, after the expert demonstrated his findings at the Def Con security conference, Sensys published a statement clarifying that its equipment does not directly control traffic signals, but “provides an input to third party traffic controllers who are responsible for the safe operation of traffic signals.”

“It is impossible to manipulate our systems, or data, to cause conflicting movements or phases to be displayed. Both the controller software and conflict monitor prevent the possibility of this scenario. Also, our system is not used to give priority to emergency vehicles and we cannot interfere with the operation of systems that do give such priority,” the company said.

Sensys also said its systems were not actually “hacked” by the researcher, and presented various “anti-vandalism features” that are available to customers. While the company maintains its position, last week it rolled out what it calls “new anti-vandalism enhancements” designed to protect systems against attacks (encryption and authentication), and notify operators in case of unauthorized access attempts.

The company says the enhancements will be included in all new hardware and software products, but they can also be wirelessly deployed to existing installations via the regular software update process. The software updates are free and there’s no need to replace any hardware, Sensys networks said on Friday.

According to ICS-CERT, the enhancements are actually fixes for the vulnerabilities identified by Cerrudo. In its advisory, the organization noted that Sensys Networks traffic sensors VSN240-F and VSN240-T (with software versions prior to VDS 2.10.1 and prior to TrafficDOT 2.10.3) are affected by insufficient integrity checks which could allow the installation of modified software that could damage the traffic sensors.

Advertisement. Scroll to continue reading.

“A traffic sensor that has been rendered inoperable may cause the traffic system to default to a failsafe condition, prompting traffic lights of an intersection to operate on predetermined timed intervals. Only the traffic lights that are linked to compromised sensors may be impacted,” ICS-CERT said in its advisory. “Unencrypted communication between the traffic sensor and the access point could be modified and used to cause traffic collection data inaccuracies, which may have limited impact on traffic control for an intersection. Inaccurate collection of traffic data may yield limited influence over traffic light timing for an intersection.”

The integrity check issue has been assigned the CVE identifier CVE-2014-2378, while the lack of a mechanism for sensitive data encryption has been assigned CVE-2014-2379. ICS-CERT says the vulnerabilities can be exploited remotely by a highly skilled attacker.

Versions VDS 2.10.1 and TrafficDOT 2.10.3 address the flaws. ICS-CERT noted that an update (VDS 1.8.8) for older model access points will also be released this month.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.