7-Technologies Vulnerability Part II

Thursday, December 22, 2011 @ 12:12 PM gHale


For the second time within a few days, 7-Technologies (7T) is getting hit with a system vulnerability, this time there is a buffer overflow hole in its Interactive Graphical SCADA System (IGSS) product.

This vulnerability could result in a denial of service (DoS) or the execution of arbitrary code, according to an ICS-CERT report.

RELATED STORIES
WellinTech’s Heap Overflow Hole
7-Technologies Patches Vulnerability
Wonderware Vulnerabilities Patched
SafeNet Sanitization Vulnerability
Holes in Schneider Ethernet Module

ICS-CERT coordinated this report with 7T and they created a patch that resolves the vulnerability. Security researcher Celil Unuver (SignalSEC LLCa), who found the vulnerability, confirmed the patch fully resolves the issue.

7T Interactive Graphical SCADA System versions 9.0.0.11355 and prior suffer from the vulnerability.

Successful exploitation of this vulnerability could allow an attacker to cause a DoS or to execute arbitrary code.

7T, based in Denmark, creates monitoring and control systems primarily used in the United States, Europe, and South Asia. IGSS is in over 28,000 industrial plants in 50 countries worldwide, 7T said.

7T Interactive Graphical SCADA System software controls and monitors programmable logic controllers in industrial processes across multiple sectors including energy, manufacturing, oil and gas, and water.

An attacker could exploit this buffer overflow vulnerability by sending specially crafted packets to either Port 12399/TCP or Port 12397/TCP. CVE-2011-4537 is the number assigned.

7T has developed a patch to address this vulnerability and has provided the following options to customers for updating their systems:
1. In the IGSSMaster application, select the menu item “Information and Support” and click “Update IGSS Software.” This will automatically download and install the updated module. 7T said this is the preferable method for updating the IGSS installation when the host computer has Internet access.
2. Access the update either by using the direct link or the instructions below.

Instructions: Browse to the 7T IGSS website (www.igss.com). From the “Download” menu select the “Licensed Versions” option. From this page, select the Version 9 “Program updates (General)” to download a ZIP file containing all current updates for IGSS Version 9. Once the ZIP file (progupdatesv90.zip) has downloaded, manually unpack the ZIP file, and copy the entire contents to the \IGSS\ directory within the IGSS installation folder on the end user’s computer.



Leave a Reply

You must be logged in to post a comment.