Hubbell Aclara Metrum Cellular Web Interface
Summary
The Hubbell Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to missing authentication controls on critical system functions. Successful exploitation could allow attackers to manipulate device settings, disrupt operations, and cause a loss of communications.
IFF Assessment
This vulnerability allows attackers to gain unauthorized access and disrupt critical infrastructure operations, posing a significant risk to defenders.
Severity
The CVSS score of 7.5 indicates a high severity, primarily due to the 'Missing Authentication for Critical Function' vulnerability. Attackers can exploit this remotely to gain control of device settings and disrupt operations, impacting confidentiality, integrity, and availability.
Defender Context
This alert highlights a critical vulnerability in industrial control systems (ICS) within the energy sector. Defenders should prioritize patching or mitigating this issue to prevent unauthorized access and operational disruptions. The lack of authentication for critical functions is a recurring theme in ICS vulnerabilities, emphasizing the need for robust network segmentation and access controls.