Another SCADA Vulnerability Found

Tuesday, December 6, 2011 @ 02:12 PM gHale


A buffer overflow vulnerability, for which proof-of-concept (PoC) exploit code exists, affects the 3S CoDeSys web server, a Supervisory Control and Data Acquisition/Human-Machine Interface (SCADA/HMI) product.

The vulnerability is exploitable by sending specially crafted packets to the server on Port 8080/TCP, according to a report with ICS-CERT.


ICS-CERT had been coordinating the vulnerability with the vendor and with Celil Unuver of SignalSEC Labs, who discovered the vulnerability. ICS-CERT is issuing this alert to provide notice of the report and identify baseline mitigations for reducing risks from this and other cyber security attacks.

The report includes vulnerability details and PoC exploit code for a buffer overflow vulnerability, which is remotely exploitable and could lead to a denial of service or possibly remote code execution.

ICS-CERT is currently coordinating with the vendor to identify mitigations. In the meantime, users should be aware and take defensive measures to minimize the risk of exploitation of these vulnerabilities.


