Archive for 'Vulnerability Disclosure'
Wonderware SuiteLink Denial of Service Vulnerability (part 2)
I couldn’t let the Wonderware SuiteLink vulnerability go by without commenting on it, and even Jason commenting on it below won’t steal my thunder.
First, let’s talk about the vulnerability from a technical perspective. It appears that this is a fairly classic example of the program allocating an amount of memory based on a request […]
Author: Daniel Peck
Posted: May 6th, 2008 under SCADA Vendor, Vulnerability Disclosure.
Comments: 9
Wonderware SuiteLink Denial of Service Vulnerability
Sebastian Muniz from Core Security Technologies discovered a denial of service vulnerability in the Wonderware SuiteLink service that was made public today. Here are some links:
Core Security Advisory
National Vulnerability Database
Wonderware Tech Alert (login required)
This SuiteLink vulnerability affects the same version of Wonderware InTouch that had the NetDDE problem. When we presented the NetDDE vulnerability […]
Author: Jason Holcomb
Posted: May 6th, 2008 under SCADA Vendor, Vulnerability Disclosure.
Comments: 1
Browsers as Attack Vectors and New Vuln Paper
Most asset owners are deploying firewalls with DMZs to restrict communication between the enterprise and control center networks. Some are even implementing solid, least privilege rulebases. This is a sound practice and should be followed, but don’t let it lull you into a false sense that this means you are risk-free. Eyal demonstrated at […]
Author: Daniel Peck
Posted: April 17th, 2008 under Vulnerability Disclosure.
Comments: 4
Japanese Control System Protocols
There are a number of Japanese manufacturers who develop control system applications and devices. This is not news to people who attend control system events because they are quite active around the world. What was new to me was the protocols developed in Japan, dominant in Japan, widely used in Asia and beginning to get […]
Author: Dale Peterson
Posted: March 28th, 2008 under SCADA Protocols, Vulnerability Disclosure.
Comments: 8
Japan FIRST Meeting & Vuln Disclosure
Over in Japan this week for a variety of reasons including participation and presentation at the FIRST Technical Colloquium. It is great to see FIRST and the coordination centers around the world gearing up for what we are certain will be an increasing number of control system vulnerabilities as these systems come under scrutiny.
One […]
Author: Dale Peterson
Posted: March 24th, 2008 under Conferences, Vulnerability Disclosure.
Comments: none
MS08-008 Critical Bulletin Likely Affects OPC
Microsoft Security Bulletin MS08-008 Vulnerability in OLE Automation Could Allow Remote Code Execution issued today is likely to affect OPC servers. Remember that OPC was originally an acronym for OLE for Process Control.
This is a serious vulnerability rated Critical by Microsoft for most OS and would allow a remote attacker to run shell code after […]
Author: Dale Peterson
Posted: February 12th, 2008 under OPC, Vulnerability Disclosure.
Comments: 5
SCADApedia Updates
There have been a number of vulnerabilities added to the SCADApedia. Information regarding the vulnerabilities mentioned at S4 2008 is now available at the following pages: GE Fanuc Cimplicity Heap Overflow, GE Fanuc Proficy Arbitrary File Upload and Execution, GE Proficy Plaintext Passwords and Invensys WonderWare InTouch NetDDE Vulnerable Share. The Takebishi DeviceXPlorer […]
Author: Charles Perine
Posted: February 11th, 2008 under Vulnerability Disclosure.
Comments: none
Vulnerable NetDDE Shares Lead To Complete System Compromise
When the NetDDE share vulnerability in Wonderware’s InTouch 8.0 HMI was announced by US-CERT, we noticed that most dismissed it as just typical control system weak permissions, the same as commonly seen in OPC DCOM configurations. However, the true impact of a weak NetDDE share is much greater than allowing any user to access the […]
Author: Dale Peterson
Posted: January 29th, 2008 under Vulnerability Disclosure.
Comments: 1
GE Fanuc Vulnerabilities
US-CERT put out three vulnerability notes related to the GE Fanuc issues discussed in Eyal Udassin’s S4 paper. Eyal works for C4 in Israel. These issues had been reported to the vendor almost a year ago and had been closely coordinated with CERTs in the US and Israel.
What makes these even more interesting than just another […]
Author: Dale Peterson
Posted: January 26th, 2008 under Firewall / Perimeter, Vulnerability Disclosure.
Comments: 3
LiveData Completes INL Security Assessment
INL has “completed” a security assessment of the LiveData ICCP server. “The project identified one vulnerability, which was remedied and patched in the field without any adverse impact on existing installations.”
This is interesting. How did LiveData notify its customers of the vulnerability and patch? An update from 27 Nov 2007 is on their site, but no […]
Author: Dale Peterson
Posted: December 31st, 2007 under Vulnerability Disclosure.
Comments: 3
