PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-45066 Dover Fueling Solutions (DFS) CVE debrief

A critical command injection vulnerability in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE allows remote unauthenticated attackers to execute arbitrary commands via a specially crafted POST request to the IP sub-menu. Published September 24, 2024, this vulnerability carries a CVSS 3.1 score of 10.0 (Critical) with network attack vector, low attack complexity, no privileges required, and no user interaction needed. The vulnerability affects MAGLINK LX CONSOLE versions 3.4.2.2.6 and earlier, and MAGLINK LX4 CONSOLE versions 4.17.9e and earlier. The scope is changed, with high impact to confidentiality, integrity, and availability.

Vendor
Dover Fueling Solutions (DFS)
Product
ProGauge MAGLINK LX CONSOLE
CVSS
CRITICAL 10
CISA KEV
Not listed in stored evidence
Original CVE published
2024-09-24
Original CVE updated
2024-09-24
Advisory published
2024-09-24
Advisory updated
2024-09-24

Who should care

Critical infrastructure operators in fueling and petroleum distribution, industrial control system security teams, OT network administrators, and organizations with MAGLINK LX deployments in retail fueling, fleet management, or bulk fueling operations. This vulnerability enables remote takeover of fueling station management consoles with potential safety and operational impacts.

Technical summary

The IP sub-menu of the ProGauge MAGLINK LX CONSOLE web interface passes input from a POST request to the underlying operating system without sanitizing it, so a remote attacker who can reach the console's web interface can inject and execute arbitrary OS commands with no credentials. Because no authentication is required, network reachability of the console is the only precondition; a successful exploit is a complete compromise of the console and a foothold for lateral movement into connected fueling infrastructure networks.
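The bug class, as an added illustration that is not the MAGLINK LX code (the advisory does not publish the vulnerable handler): a hypothetical POST handler for an "ip" field, first spliced into a shell command line, then rewritten to validate the field against an address allow-list and pass it as an argv element with no shell. The field name ip, the "echo set-ip" stand-in command and both request bodies are constructed for this example.

```python
# Added illustration, not MAGLINK LX code: the advisory only says the IP
# sub-menu passes unsanitized POST input to the OS. This models that bug
# class with a harmless stand-in command so it runs offline.
import ipaddress
import subprocess
from urllib.parse import parse_qs

# Constructed sample POST bodies (application/x-www-form-urlencoded).
VALID_BODY = "ip=192.168.1.50"
# '%3B' decodes to ';' and '+' to a space: "192.168.1.50; echo INJECTED"
INJECTED_BODY = "ip=192.168.1.50%3B+echo+INJECTED"


def parse_post_body(body: str) -> dict:
    """Flatten a form-encoded body to {field: first_value}."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def vulnerable_set_ip(body: str) -> str:
    """VULNERABLE: the untrusted 'ip' field is spliced into a shell string.

    With shell=True the string goes through /bin/sh, so metacharacters such
    as ';', '|', '&&' or '$(...)' in the field end the intended command and
    start an attacker-chosen one.
    """
    ip = parse_post_body(body).get("ip", "")
    cmd = f"echo set-ip {ip}"  # hypothetical stand-in for a network-config tool
    proc = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return proc.stdout + proc.stderr


def validate_ip(value: str) -> str:
    """Allow-list check: accept only a literal IPv4 or IPv6 address.

    ipaddress.ip_address() rejects whitespace, shell metacharacters and
    hostnames, so anything that passes is safe as a single argument.
    """
    try:
        return str(ipaddress.ip_address(value))
    except ValueError as exc:
        raise ValueError(f"rejected ip parameter: {value!r}") from exc


def hardened_set_ip(body: str) -> str:
    """HARDENED: validate first, then pass an argv list with no shell.

    Two independent controls: the allow-list stops bad input at the trust
    boundary, and the argv form means even a validator bypass cannot reach
    a shell parser.
    """
    ip = validate_ip(parse_post_body(body).get("ip", ""))
    proc = subprocess.run(["echo", "set-ip", ip],
                          capture_output=True, text=True, check=True)
    return proc.stdout


def accepts(body: str) -> bool:
    """True if the hardened handler accepts the body, False if it rejects it."""
    try:
        hardened_set_ip(body)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print("vulnerable:", repr(vulnerable_set_ip(INJECTED_BODY)))
    print("hardened  :", repr(hardened_set_ip(VALID_BODY)))
    print("hardened rejects injection:", not accepts(INJECTED_BODY))
```

Run the module directly to see the injected second command execute in the vulnerable path and be rejected in the hardened one. The same pattern applies to any console field that ends up on a command line (gateway, netmask, DNS server): validate against the narrowest type that fits, and never hand user input to a shell parser.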

Defensive priority

critical

Recommended defensive actions

  • Apply software update version 4.19.10 for MagLink LX console through Dover Fueling Solutions authorized service organizations
  • Contact DFS customer support at 877-679-8324 for North American installation assistance
  • Install MagLink consoles behind firewalls to restrict network exposure
  • Monitor for and install security updates on a timely basis
  • Consider operating MagLink consoles offline or disconnected from networks where operational requirements permit
  • Access technical bulletins and updates via the DFS proprietary portal if registered
  • Follow CISA ICS recommended practices for industrial control system defense in depth

Evidence notes

Vulnerability disclosed via CISA ICS Advisory ICSA-24-268-04. CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Affected products confirmed through CSAF product tree: CSAFPID-0001 (MAGLINK LX CONSOLE <=3.4.2.2.6) and CSAFPID-0002 (MAGLINK LX4 CONSOLE <=4.17.9e).

Official resources

CISA ICS Advisory ICSA-24-268-04, published 2024-09-24