Fatek Automation PLC Vulnerability

Friday, December 16, 2016 @ 12:12 PM gHale

There is a stack-based buffer overflow vulnerability in Fatek Automation’s PLC WinProladder application and so far the company has not issued a fix, according to a report with ICS-CERT.

A researcher working with Trend Micro’s Zero Day Initiative (ZDI) coordinated the vulnerability with ICS-CERT. ZDI will publish the remotely exploitable PLC WinProladder vulnerability.

RELATED STORIES
Visonic PowerLink2 Vulnerabilities
Moxa Patches DACenter Holes
Delta Electronics Fixes Software Holes
Siemens Clears ActiveX Vulnerability

PLC WinProladder Version 3.11 Build 14701 suffers from the issue.

Successful exploitation of the reported vulnerability may allow an attacker to perform a number of malicious actions including arbitrary code execution.

Fatek is a Taiwan-based company that maintains distribution offices in several countries around the world.

The affected product, PLC WinProladder, is a PLC programming software. The product sees use across several sectors including commercial facilities and critical manufacturing. This product sees action primarily in Europe and Asia.

A stack-based buffer overflow vulnerability exists when the software application connects to a malicious server, resulting in a stack buffer overflow. This causes an exploitable structured exception handler (SEH) overwrite condition that may allow remote code execution.

CVE-2016-8377 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 8.0.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill would be able to exploit this vulnerability.

Fatek has not responded to requests to work with ICS-CERT to mitigate this vulnerability.



Leave a Reply

You must be logged in to post a comment.