Zero-Day vulnerability found in two Schneider Electric ICS products

Forums Security News (Security) Zero-Day vulnerability found in two Schneider Electric ICS products

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • #24991
      Anonymous
      • Topic 16
      • Replies 0
      • posts 16

        #News(Security) [ via IoTForIndiaGroup ]


         


        The flaw can be found in two Schneider products, InduSoft Web Studio and InTouch Machine Edition which are used to manage industrial processes in oil and gas and other industries. The issue is a stack-based overflow that can be exploited through a specially crafted packet and exploit the buffer overflow using a tag alarm, read or write action to execute code.

        “The vulnerability can be remotely exploited without authentication and targets the IWS Runtime Data Server service, by default on TCP port 1234. The software implements a custom protocol that uses various “commands.” This vulnerability is triggered through command 50, and is caused by the incorrect usage of a string conversion function,” the Tenable report stated.

        This could potentially lead to a full compromise of the two software platforms with the worst case scenario being that the attacker could then move laterally from the infected computer throughout the network. Tenable also noted that connected HMI clients and OT devices can possibly be victimized.


        Read More..

    Viewing 0 reply threads
    • You must be logged in to reply to this topic.