Certec Updates Atvise Scada Holes

Thursday, April 27, 2017 @ 03:04 PM gHale


Certec EDV GmbH released a new software version that fixes cross-site scripting and header injection vulnerabilities in its atvise scada product, according to a report from ICS-CERT.

Atvise scada versions prior to 3.0, when run without the vendor's built-in security mechanism activated, suffer from the remotely exploitable vulnerabilities, which were discovered by Sebastian Neef of Internetwache.org.


Successful exploitation of these vulnerabilities could cause the device the attacker is accessing to execute arbitrary code, affecting the integrity of the device.

No known public exploits specifically target these vulnerabilities. However, an attacker with a low skill level would be able to leverage the vulnerabilities.

The atvise scada product mainly sees use in the critical manufacturing sector, and it is deployed globally.

The header injection vulnerability could allow remote code execution.

CVE-2017-6031 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.1.

The cross-site scripting vulnerability could also allow remote code execution.

CVE-2017-6029 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.4.

Eisenstadt, Austria-based Certec EDV GmbH advises affected users to activate the built-in security mechanism (login, https, protected calls, etc.) of the product as described in the documentation. Users can also upgrade to the newest version of the software available on the Certec EDV GmbH web site; a user login is needed to obtain the latest version.

In order to fully mitigate the vulnerabilities, Certec EDV GmbH recommends users follow the guidelines in the atvise scada documentation for enabling security measures found in the following sections:
• HTTP/HTTPS support
• Protected calls
• Login and user management
• User and rights
