Cybersecurity specialists reported the finding of a critical vulnerability in Interoperability Solution XDS, the document exchange system developed by the technology company Philips. According to the report, successful exploitation of the flaw would allow the theft of confidential information.
Tracked as CVE-2021-32966, this flaw exists because the LDAP configuration over TLS in affected product allows the transmission of sensitive information in plain text. When the domain controller returns LDAP referrals, threat actors could intercept system credentials remotely.
The flaw received a score of 3.7/10 according to the Common Vulnerability Scoring System (CVSS), so it is considered a low-severity error. The report was submitted by Philips security teams to the Cybersecurity and Infrastructure Security Agency (CISA).
Organizations in the health services industry are especially vulnerable to exploiting this flaw. The good news is that so far no active exploitation attempts or the existence of an attack variant have been detected to complete the compromise.
This error resides in the following versions of the affected product:
- Philips Interoperability Solution XDS v2.5 through 3.11
- Philips Interoperability Solution XDS v2018-1 through 2021-1
In its report, Philips includes some recommendations to mitigate a potential exploitation campaign:
- Disable LDAP referrals on LDAP servers if LDAP over TLS is used
- Configure LDAP servers to include a complete structure for search
In addition to the manufacturer’s recommendations, CISA issued some security measures:
- Minimize network exposure for all exposed devices or systems
- Identify control system networks and remote devices behind firewalls to isolate them from the enterprise network
- Employing tools like VPN for remote access
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
