Critical Security Flaws Detected in Optigo Networks ONS-S8 Aggregation Switch

October 2, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about two critical vulnerabilities present in Optigo Networks ONS-S8 Aggregation Switch products. These devices are commonly used in critical infrastructure and manufacturing units globally. The vulnerabilities can allow authentication bypass and remote code execution.

The first vulnerability, identified as CVE-2024-41925, is a PHP Remote File Inclusion (RFI) issue. It arises from incorrect validation or sanitization of user-supplied file paths. An attacker could exploit this flaw to perform directory traversal, bypass authentication, and execute arbitrary remote code.

The second vulnerability, tracked as CVE-2024-45367, is a weak authentication issue caused by improper enforcement of password verification in the authentication mechanism. A successful exploit could allow an attacker to gain unauthorized access to the switches' management interface, modify configurations, access sensitive data, or pivot to other network points.

Both vulnerabilities were discovered by Claroty Team82 and have been rated as critical, with a CVSS v4 score of 9.3. They affect all ONS-S8 Spectra Aggregation Switch versions up to and including 1.3.7.

At present, no fixes are available for these vulnerabilities. Therefore, users are advised to implement the mitigations suggested by the Canadian vendor. Although CISA has not observed active exploitation of these flaws, system administrators are urged to take the recommended actions to mitigate the risks.

Should organizations notice suspicious activity on these devices, CISA advises following their breach protocols and reporting the incident to the cybersecurity agency. This will allow the incident to be tracked and correlated with other incidents.
