NETxEIB OPC Server fails to properly validate OPC server handles
From SCADApedia
Vulnerability
NETxEIB's OPC Server fails to properly validate OPC server handles. An attacker could leverage this vulnerability to arbitrarily read and write the process memory and execute code remotely. The vulnerability is due to the NETxEIB OPC Server failing to validate calls to the OPC Data Access Interface for the following methods:
IOPCSyncIO::Read
IOPCSyncIO::Write
IOPCServer::AddGroup
IOPCServer::RemoveGroup
IOPCCommon::SetClientName
IOPCGroupStateMgt::CloneGroup
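A sketch of the kind of server-side handle check the advisory says is missing, as an added example and not NETxEIB's code: every client-supplied group handle is resolved through a table and rejected unless it was actually issued and is still live. All names and the handle layout are hypothetical, and how the affected server represents handles internally is an assumption, since the advisory does not describe it.

```c
#include <stdint.h>
#include <stddef.h>

/* Hypothetical server-side group table; names are illustrative only. */
#define MAX_GROUPS 64u

typedef struct {
    uint16_t generation;     /* bumped on release so stale handles fail */
    int      in_use;
    int      update_rate_ms;
} group_t;

static group_t groups[MAX_GROUPS];

/* Assumed handle layout: high 16 bits = generation, low 16 bits = slot. */
static uint32_t make_handle(uint16_t gen, uint16_t slot) {
    return ((uint32_t)gen << 16) | slot;
}

/* AddGroup-style allocation: returns 0 when the table is full. */
uint32_t group_add(int update_rate_ms) {
    for (uint16_t i = 0; i < MAX_GROUPS; i++) {
        if (!groups[i].in_use) {
            groups[i].in_use = 1;
            groups[i].update_rate_ms = update_rate_ms;
            if (groups[i].generation == 0) groups[i].generation = 1;
            return make_handle(groups[i].generation, i);
        }
    }
    return 0;
}

/* The validation step: every client-supplied handle passes through here. */
group_t *group_lookup(uint32_t handle) {
    uint16_t slot = (uint16_t)(handle & 0xFFFFu);
    uint16_t gen  = (uint16_t)(handle >> 16);
    if (slot >= MAX_GROUPS) return NULL;              /* out of range */
    if (!groups[slot].in_use) return NULL;            /* never issued or removed */
    if (groups[slot].generation != gen) return NULL;  /* stale or forged */
    return &groups[slot];
}

/* RemoveGroup-style release: 0 on success, -1 for an invalid handle. */
int group_remove(uint32_t handle) {
    group_t *g = group_lookup(handle);
    if (g == NULL) return -1;
    g->in_use = 0;
    if (++g->generation == 0) g->generation = 1;      /* 0 stays reserved */
    return 0;
}
```

Read, Write and CloneGroup-style entry points would call `group_lookup` first and return an error on `NULL` instead of touching memory.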
This vulnerability was discovered by the team at Neutralbit.
Affected Systems
NETxEIB MP Open OPC Server Version 3.0.125
Impact
An attacker could read and write the process memory of a NETxEIB OPC Server. This would allow the attacker to execute code remotely on the system with the privileges of the user running the NETxEIB OPC Server.
An attacker may monitor the memory and learn about the application. The attacker could then alter data that is displayed to the user or data being transmitted to or from other systems.
Detection
Refer to the product’s version number to determine if the software is vulnerable.
Remediation
NETxEIB has addressed the vulnerability. Upgrade to NETxEIB's OPC Server Version 3.0.1300 or newer.
Restrict remote access to the system running the NETxEIB OPC Server. Access can be restricted by network and system firewalls or by using private networks.
