Cogent Fixes Privilege Elevation Hole

Friday, March 25, 2016 @ 10:03 AM gHale


Cogent Real-Time Systems, Inc. created a new version to mitigate a privilege elevation vulnerability in the Cogent DataHub application, according to a report on ICS-CERT.

Steven Seeley of Source Incite, who discovered the vulnerability, tested the new version to validate it resolves the vulnerability.

RELATED STORIES
Siemens Workaround for APOGEE Insight
ABB Fixes DLL Hijacking Vulnerability
Siemens Fixes SIMATIC S7-1200 Hole
Telvent’s Improper Frame Padding Fixed

Cogent DataHub version 7.3.9 and prior suffer from the issue.

Attackers could exploit this vulnerability to elevate their privileges from guest or user to system.

Cogent is a Canadian-based company that produces middleware applications used to interface with control systems.

The Cogent DataHub product is a real-time middleware solution and it sees action across several sectors including chemical, commercial facilities, critical manufacturing, energy, and financial services. This product sees use on a global basis, but its primary regions are the United States and Great Britain.

Users or guests may escalate their privileges by changing an accessible file on the system.

CVE‑2016-2288 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.5.

This vulnerability is not exploitable remotely and cannot end up exploited without user interaction. The exploit triggers when a local user runs the vulnerable application and loads the malformed file.

No known public exploits specifically target this vulnerability. An attacker with a low skill would be able to exploit this vulnerability.

Cogent has fixed this vulnerability in Version 7.3.10 of DataHub. This is a free upgrade for any user running V7.x. Click here to upgrade to Cogent DataHub Version 7.3.10.