
Archive for 'Vulnerability Disclosure'

Wonderware SuiteLink Denial of Service Vulnerability (part 2)

I couldn’t let the Wonderware SuiteLink vulnerability go by without commenting on it, and even Jason commenting on it below won’t steal my thunder.
First, let’s talk about the vulnerability from a technical perspective. It appears that this is a fairly classic example of the program allocating an amount of memory based on a request […]

Wonderware SuiteLink Denial of Service Vulnerability

Sebastian Muniz from Core Security Technologies discovered a denial of service vulnerability in the Wonderware SuiteLink service that was made public today. Here are some links:
Core Security Advisory
National Vulnerability Database
Wonderware Tech Alert (login required)
This SuiteLink vulnerability affects the same version of Wonderware InTouch that had the NetDDE problem. When we presented the NetDDE vulnerability […]

Browsers as Attack Vectors and New Vuln Paper

Most asset owners are deploying firewalls with DMZs to restrict communication between the enterprise and control center networks. Some are even implementing solid, least privilege rulebases. This is a sound practice and should be followed, but don’t let it lull you into a false sense that this means you are risk-free. Eyal demonstrated at […]

Japanese Control System Protocols

There are a number of Japanese manufacturers who develop control system applications and devices. This is not news to people who attend control system events because they are quite active around the world. What was new to me was the protocols developed in Japan, dominant in Japan, widely used in Asia and beginning to get […]

Japan FIRST Meeting & Vuln Disclosure

Over in Japan this week for a variety of reasons including participation and presentation at the FIRST Technical Colloquium. It is great to see FIRST and the coordination centers around the world gearing up for what we are certain will be an increasing number of control system vulnerabilities as these systems come under scrutiny.
One […]

MS08-008 Critical Bulletin Likely Affects OPC

Microsoft Security Bulletin MS08-008 Vulnerability in OLE Automation Could Allow Remote Code Execution issued today is likely to affect OPC servers. Remember that OPC was originally an acronym for OLE for Process Control.
This is a serious vulnerability rated Critical by Microsoft for most OS and would allow a remote attacker to run shell code after […]

SCADApedia Updates

There have been a number of vulnerabilities added to the SCADApedia. Information regarding the vulnerabilities mentioned at S4 2008 is now available at the following pages: GE Fanuc Cimplicity Heap Overflow, GE Fanuc Proficy Arbitrary File Upload and Execution, GE Proficy Plaintext Passwords and Invensys Wonderware InTouch NetDDE Vulnerable Share. The Takebishi DeviceXPlorer […]

Vulnerable NetDDE Shares Lead To Complete System Compromise

When the NetDDE share vulnerability in Wonderware’s InTouch 8.0 HMI was announced by US-CERT, we noticed that most dismissed it as just typical control system weak permissions, the same as commonly seen in OPC DCOM configurations. However, the true impact of a weak NetDDE share is much greater than allowing any user to access the […]

GE Fanuc Vulnerabilities

US-CERT put out three vulnerability notes related to the GE Fanuc issues discussed in Eyal Udassin’s S4 paper. Eyal works for C4 in Israel. These issues had been reported to the vendor almost a year ago and had been closely coordinated with CERTs in the US and Israel.
What makes these even more interesting than just another […]

LiveData Completes INL Security Assessment

INL has “completed” a security assessment of the LiveData ICCP server. “The project identified one vulnerability, which was remedied and patched in the field without any adverse impact on existing installations.”
This is interesting. How did LiveData notify its customers of the vulnerability and patch? An update from 27 Nov 2007 is on their site, but no […]