Heartbleed Bug Found in ABB Relays

Much-talked-of Heartbleed bug of open-source OpenSSL cryptography library has been found in ABB Relion 650 series IEDs. Care about this if your IED firmware revision is 1.3.0. Word has been spread by ICS-CERT (Industrial Control Systems Cyber Emergency Response Team).

ABB 650 series IEDs use vulnerable OpenSSL library (1.0.1c). ABB engineers are working to eliminate the issue.

Heartbleed bug is about server not checking validity of requests, issued by clients.

The affected versions of OpenSSL allocate a memory buffer for the message to be returned based on the length field in the requesting message, without regard to the actual size of that message’s payload. Because of this failure to do proper bounds checking, the message returned consists of the payload, possibly followed by whatever else happened to be in the allocated memory buffer.

heartbleed_explanation

Heartbleed is therefore exploited by sending a malformed heartbeat request with a small payload and large length field to the vulnerable party (usually a server) in order to elicit the victim’s response, permitting attackers to read up to 64 kilobytes of the victim’s memory that was likely to have been used previously by OpenSSL. Where a Heartbeat Request might ask a party to “send back the four-letter word ‘bird'”, resulting in a response of “bird”, a “Heartbleed Request” (a malicious heartbeat request) of “send back the 500-letter word ‘bird'” would cause the victim to return “bird” followed by whatever 496 characters the victim happened to have in active memory. Attackers in this way could receive sensitive data, compromising the confidentiality of the victim’s communications. [ics-cert.us-cert.gov]

Digital Substation

(close)