Number: AV16-110
Date: 7 July 2016
Purpose
The purpose of this advisory is to bring attention to a recently released Meinberg NTP firmware update that addresses multiple vulnerabilities.
Assessment
A firmware update was released for Meinberg NTP Time Server to address multiple vulnerabilities (high). Exploitation of these vulnerabilities may permit an attacker to write to unspecified scripts with root user privileges, which can allow the unauthorized disclosure and/or modification of sensitive data.
CVE References: CVE-2016-3962, CVE-2016-3988, CVE-2016-3989
Versions affected:
- IMS-LANTIME M3000 versions 6.0 and earlier
- IMS-LANTIME M1000 versions 6.0 and earlier
- IMS-LANTIME M500 versions 6.0 and earlier
- LANTIME M900 versions 6.0 and earlier
- LANTIME M600 versions 6.0 and earlier
- LANTIME M400 versions 6.0 and earlier
- LANTIME M300 versions 6.0 and earlier
- LANTIME M200 versions 6.0 and earlier
- LANTIME M100 versions 6.0 and earlier
- LCES versions 6.0 and earlier
- SyncFire 1100 versions 6.0 and earlier
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
Meinberg Security Advisory:
https://www.meinbergglobal.com/english/sw/mbgsecurityadvisory.htm#mbgsa_363
Meinberg Firmware Updates:
https://www.meinbergglobal.com/english/sw/firmware.htm
ICS-CERT Advisory (ICSA-16-175-03):
https://ics-cert.us-cert.gov/advisories/ICSA-16-175-03
NIST Vulnerability Database:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3962
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3988
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3989