P1 Vulnerability Knowledge Base (P1 VKB) is a database and feed of all vulnerabilities that are detected and reported either by PTA, PTM or by our expert consulting findings.
VKB specific to Telecom and Mobile networks
-
SS7, SIGTRAN, IMS and LTE networks have specific equipment. These equipment have vulnerabilities, just like any other IT equipment. The problem is that the security maturity in the telecom domain is not as evolved as in the IP domain. As a result, vulnerability information is not yet taken in account by all the operators and network equipment providers.P1 Vulnerability Knowledge Base provides you a constant feed of new vulnerabilities that are either publicly disclosed, or result from P1 Security own vulnerability research.
The VKB is the result and accumulation of vulnerability information since 1998. P1 Security has since developed the VKB to document the vulnerabilities for its customer. Since the June 2012, the VKB is now open for commercial access.
The main difference with other vulnerabilities is that P1 VKB is not publicly accessible. It is a commercial product that helps operators, regulators, government, telecom agencies, network equipment vendors and security consultant to address vulnerabilities in the mobile and telecom networks.
P1 VKB enables a softer and milder form of security assessment compared to PTA. You don’t benefit from the automation of the PTA vulnerability scanner, but can target more specifically one kind of vulnerability that may not be testable from an automated point of view.
Customer Testimonials
– Telecom Department Security Analyst, Mobile Network OperatorP1 Security’s VKB enable us to keep up to date on vulnerabilities of our Network Elements, from HLR to BTS and eNodeBs, it covers the mobile and telecom industry core components
– Telecom Security Research Lead Engineer, International Telecommunication GroupFor the specificity and the quality of the information we have in the VKB, this was extremely useful for us experts, and from a management point of view we didn’t find any reason to negotiate anything or question the cost vs. benefit.
-
P1 Vulnerability Knowledge Base fields
Each vulnerability in the VKB contains the following fields:
- Title
- P1 Vulnerability ID
- Application
- Type
- Description
- Affected Perimeters
- Affected Equipment Type
- Affected Equipment Function
- Affected Product and Version
- Interfaces
- Protocol
- Recommendation
- Vendor Remediation
- Rootcause Category
- Rootcause
- Risk level
- Difficulty to obtain
- Impact
- Threat
- Discovery date
Fields details
For each item in the Vulnerability Knowledge Base, here are the following fields details and values that are possible:
- Application
- Indicates which P1 Telecom product is able to report the vulnerability or from which source this vulnerability was known from.
- PTA: P1 Telecom Auditor
- PTM: P1 Telecom Monitor
- PSR: Product Security Review (Consulting)
- PRT: Product Robustness Testing (Consulting)
- Pentest: Penetration Testing (Consulting)
- Vendor: Vendor supplied information
- Type
- Examples of vulnerability types: DoS attack, Service abuse, Hijacking, Remote access, Information gathering, Notification…
- Description
- Explanation of the security finding, vulnerability or weakness.
- Affected Perimeters
- Vulnerability is present only if it exists on a perimeter listed in this field.
- Affected Equipement Type
- Type of equipment concerned by this vulnerability.
- Examples of equipment types: MSC server, MGW, HLR.
- Affected Equipement Function
- Function of the equipment concerned by this vulnerability.
- Examples of equipment functions: VMSC, GMSC, MGCF, VLR, HSS.
- Interfaces
- List of Network Element interfaces concerned by this vulnerability.
- Protocol
- Protocol concerned by this vulnerability.
- Recommendation
- How to eliminate or correct this problem.
- Root Cause Category
- Root cause categories for this problem are classified into Design or Specification, Implementation, Operation and Management.
- Root Cause
- Detailed analysis of the root cause for this problem.
- Risk level
- This level indicates the overall risk associated to this vulnerability, taking into account all factors such as Impact, Threat, and Difficulty to obtain.
- The risks are classified into 1 – Low, 2 – Medium and 3 – Critical.
- Difficulty to obtain
- Indicates the audience or group that might exploit this vulnerability along with a definition of how hard it would be for an attacker to obtain such access or abuse existing access to exploit such vulnerability or weakness.
- The difficulties are classified into 1 – Easy, 2 – Moderate and 3 – Difficult.
- Impact level
- Evaluates the impact if the vulnerability or weakness is successfully exploited.
- The risks are classified into 1 – Low, 2 – Medium and 3 – Critical.
- Threat level
- Evaluates the probability for the vulnerability to be exploited.
- The risks are classified into 1 – Low, 2 – Medium and 3 – Critical.
-
P1 VKB Features
- Web based interface
- Searchable database
- Privacy-enabled collaboration
- Comments
- Quality assurance of the vulnerabilities entered
- Traceability of the source of information
Covered protocols and equipment
SS7 Message Transfer Part 3 (mtp3), SCCP, TCAP, ISUP, TUP, MAP, OMAP, INAP, BICC, CAMEL, BSSAP, RANAP, UMA SIGTRAN SCTP, M3UA, M2PA, M2UA, IUA (ISDN, Q.931), SUA, V5UA GPRS GTP-U, GTP-C, GTP’, GRX DNS AAA Radius, Diameter VoIP / ToIP SIP, H323, Skinny / SCCP, H248, MGCP, MEGACO Core network protocols MPLS, LDP, BGP, VPLS, L2TP, GRE, IPsec, SAAL, LDP, BGP Affected interfaces
- Interfaces C, D, E, F, G, I and optionally A, B
- SIGTRAN Ethernet-based networks
- IMS Ethernet-based networks
- SS7 legacy TDM interfaces
- SS7 ATM connections
- LTE interfaces
EquipmentAcision, Acterna, Adventnet, Alcatel-Lucent, Anritsu, Apertio, Asterisk, Bercut, Cisco, CMG, Comverse, Cyrpack, DataKinetics, Digital, Ericsson, HP, Huawei, IBM, Logica, Marconi, Motorola, Nokia, Nortel, NSN, Siemens, Squire, Sysmaster, SS8, Tellabs, Tektronix, Unica, Tekelec, ZTE. -
Contact us for more information about the VKB.
844 KB ]
Copyright 2013