OT security specialist Nozomi Networks has identified three vulnerabilities in the Baker Hughes Bently Nevada 3500 rack model used to detect and prevent anomalies in rotating machinery such as turbines, compressors, motors, and generators.
Nozomi warns that the most serious of the three vulnerabilities may allow an attacker to bypass the authentication process and obtain complete access to the device by delivering a malicious request.
According to Nozomi, "the development of a patch is not planned due to legacy limitations."
The initial discovery was made by reverse engineering the proprietary protocol used by the device, and Nozomi has confirmed that all of these vulnerabilities affect firmware versions up to 5.05 and later of the /22 TDI Module (both USB and serial versions).
Nozomi suggests the following measures to mitigate the issues.
1. RUN mode vs CONFIG mode: PLCs and control systems often implement physical keys to put the device in either RUN mode or CONFIG mode. The latter is typically used by technicians during maintenance activities to enable write permission for new configurations on the device. One common misconfiguration is to either forget to put the device back into RUN mode after a maintenance activity or opt for a default always-on CONFIG mode to facilitate remote changes. A best practice is to make sure that devices are always kept in RUN mode whenever possible.
2. Network segmentation: Design and implement proper network segmentation strategies to prevent unauthorised parties from interacting with critical assets. This is especially recommended for legacy solutions that are no longer actively supported by vendors.
3. Strong and unique passwords: Make sure to guarantee uniqueness in conjunction with robustness when choosing credentials. The former property is often underestimated but could provide defence in those scenarios where credentials extracted from a vulnerable machine or component could be easily reused over fully patched systems sharing the same credentials.
4. Non-default enhanced security features: Check your device manual for security features that are not enabled by default. Often, these additional features could strongly reduce the likelihood or the impact of a specific vulnerability and mitigate 'hard-to-patch' situations. With respect to Bently Nevada devices, Nozomi Networks recommends customers review the various security levels made available through the configuration utility and choose the one that matches specific needs and security policy.