CVE-2022-26394 The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host

The best practice for securing the WBM is to configure it in a DMZ between the network and the gateway server. This will prevent attackers from modifying the data travelling through the WBM. Data encryption is also recommended to protect the WBM from data theft. If a security issue is discovered within the WBM, update the firmware as soon as possible to protect the integrity of the system.

WAP to Access Point (WAP2AP)

This is a digital wireless network that provides clients with access to an enterprise network. The two networks are separated by an access point (WAP) and a firewall. The WAP is usually managed by the IT department and sits inside of a wired environment.

There are some considerations for implementing this solution:

- Ensure that the WAP2AP solution supports both your client's and your company's security requirements. Some solutions may only support the company's security requirements, while others may support the client's security requirements as well.
- It is crucial that the firewall be configured properly in order to make sure that data traveling between networks can't be intercepted or modified by unauthorized parties. Depending on how you configure the settings, it could provide added protection from data theft from the client network to your network as well.

Protect the WBM from data theft

The WBM is a critical part of the company's data infrastructure. It's important to protect it from theft, vulnerability, and malicious code.
One way to protect the WBM is by configuring it in a DMZ between the network and the gateway server. This will prevent attackers from modifying the data travelling through the WBM. Data encryption is also recommended to protect the WBM from data theft. If a security issue is discovered within the WBM, update the firmware as soon as possible to protect the integrity of the system.

What is a WBM and Gateway Server?

A web-based management (WBM) is a software platform that allows remote users to manage certain aspects of computer systems. Gateway servers are also referred to as proxy servers. These servers act as a network gateway between the Internet and the local networks of both organizations and individuals. In other words, they allow people or devices on the inside of an organization or person's network to connect with any device on the outside of the network.
Although this type of server is typically used for legitimate purposes, it poses security risks because it can be used by attackers to access sensitive data. If you use a WBM, make sure that you are following best practices for safeguarding your data and resources from cyber threats.

Configure WBM with supprot from gateway server

The best practice for securing the WBM is to configure it in a DMZ between the network and the gateway server. This will prevent attackers from modifying the data travelling through the WBM. Data encryption is also recommended to protect the WBM from data theft. If a security issue is discovered within the WBM, update the firmware as soon as possible to protect the integrity of the system.

Timeline

Published on: 09/09/2022 15:15:00 UTC
Last modified on: 09/16/2022 16:47:00 UTC

References

• https://www.us-cert.gov/ics/advisories/icsma-22-xxx-xx
• https://www.cisa.gov/uscert/ics/advisories/icsma-22-251-01
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26394