Search:

ICS-CERT: Pro-face Pro-Server EX Multiple Vulnerabilities

Friday, May 18, 2012

Infosec Island Admin

7fef78c47060974e0b8392e305f0daf0

ICS-CERT is aware of a public report of multiple vulnerabilities affecting Pro-face Pro-Server, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product.

The vulnerabilities include invalid memory access, buffer overflow, unhandled exception, and memory corruption, with proof-of-concept (PoC) exploit code.

According to this report, these vulnerabilities are exploitable via specially crafted packets. This report was released by researcher Luigi Auriemma on his website without coordination with either the vendor or ICS-CERT.

ICS-CERT has notified the affected vendor of the report and has asked the vendor to confirm the vulnerability and identify mitigations. No patch is currently available for these vulnerabilities.

This ICS-CERT alert provides early notice of the report and identifies baseline mitigations for reducing risks to these and other cybersecurity attacks. The report included vulnerability details and PoC exploit code for the following vulnerability:

Vulnerability Type:  Invalid Memory Access
Exploitable:  Can be exploited remotely
Impact:  Denial of Service / Possible Remote Code Execution

Vulnerability Type:  Integer Overflow
Exploitable:  Can be exploited remotely
Impact:  Denial of Service / Possible Remote Code Execution

Vulnerability Type:  Unhandled Exception
Exploitable:  Can be exploited remotely
Impact:  Denial of Service / Possible Remote Code Execution

Vulnerability Type:  Memory Corruptions
Exploitable:  Can be exploited remotely
Impact:  Denial of Service / Possible Remote Code Execution

Please report any issues affecting control systems in critical infrastructure environments to ICS-CERT.

Pro-face is a North American company that creates hardware and software products found in industrial, oil and gas, food and beverage, and water and wastewater industries. According to their Web site, Pro-Server EX is a data management server that collects information generated by a SCADA system and generates reports.

MITIGATION

ICS-CERT is attempting to coordinate with the vendor and security researcher to identify mitigations.

The full ICS-CERT advisory can be found here:

Source:  http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-137-01.pdf

Share This! |
Possibly Related Articles:
2965
SCADA
Industrial Control Systems
SCADA Vulnerabilities Exploits Proof of Concept ICS-CERT Industrial Control Systems human-machine interface IS Controls Pro-face Pro-Server EX
Post Rating I Like this!
Comments:
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked


Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013
Latest Posts