GE Updates CIMPLICITY Fix

Thursday, October 12, 2017 @ 03:10 PM gHale


GE updated a fix that mitigated a stack-based buffer overflow in its CIMPLICITY product, according to a report with ICS-CERT. The company released new software and added more details about the vulnerability.

CIMPLICITY, an HMI/SCADA management platform, suffers from the remotely exploitable vulnerability in versions 9.0 and prior. David Atch of CyberX discovered the issue.

From CIMPLICITY 6.1 forward, users have been advised that S90 drivers were no longer supported and that an alternate tool was provided. CIMPLICITY 9.5 removed the drivers from the product.

Successful exploitation of this vulnerability could cause the device the attacker is accessing to crash; a buffer overflow condition may allow arbitrary remote code execution.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

In the vulnerability, a function reads a packet that indicates the length of the next packet. That length is not verified, allowing a buffer overwrite that could lead to arbitrary remote code execution.
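The following added example (not GE's code and not part of the original report) shows the kind of length check that paragraph says was missing, applied to a two-step read of a length packet followed by a payload. The 2-byte big-endian length field, the 64-byte buffer, the in-memory stream and all names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAYLOAD_MAX 64 /* assumed capacity of the receive buffer */
enum { FRAME_TRUNCATED = -1, FRAME_TOO_LONG = -2 };

/* Constructed in-memory stand-in for the network connection. */
struct stream { const uint8_t *data; size_t len, pos; };

static int stream_read(struct stream *s, uint8_t *dst, size_t n) {
    if (n > s->len - s->pos) return -1;   /* not enough bytes left */
    memcpy(dst, s->data + s->pos, n);
    s->pos += n;
    return 0;
}

/* Reads the length packet, then the payload. Returns payload length or <0. */
int read_frame(struct stream *s, uint8_t *out, size_t out_cap) {
    uint8_t hdr[2];
    if (stream_read(s, hdr, sizeof hdr) != 0) return FRAME_TRUNCATED;
    size_t declared = ((size_t)hdr[0] << 8) | hdr[1]; /* assumed encoding */
    /* Verify the sender-supplied length against the destination buffer
       before copying; without this the copy below can run past `out`. */
    if (declared > out_cap) return FRAME_TOO_LONG;
    if (stream_read(s, out, declared) != 0) return FRAME_TRUNCATED;
    return (int)declared;
}

/* Parses one frame from `wire` into a fixed stack buffer. */
int check_frame(const uint8_t *wire, size_t wire_len) {
    uint8_t payload[PAYLOAD_MAX];
    struct stream s = { wire, wire_len, 0 };
    return read_frame(&s, payload, sizeof payload);
}

/* Constructed sample inputs. */
static const uint8_t SAMPLE_OK[]       = { 0x00, 0x03, 'a', 'b', 'c' };
static const uint8_t SAMPLE_OVERSIZE[] = { 0x01, 0x00, 'x', 'x', 'x', 'x' };
static const uint8_t SAMPLE_SHORT[]    = { 0x00, 0x05, 'a' };

int main(void) {
    printf("ok=%d oversize=%d short=%d\n",
           check_frame(SAMPLE_OK, sizeof SAMPLE_OK),
           check_frame(SAMPLE_OVERSIZE, sizeof SAMPLE_OVERSIZE),
           check_frame(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    return 0;
}
```

The oversize frame is rejected before any payload byte is copied, so the declared length never governs a write larger than the destination buffer.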

CVE-2017-12732 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.8.

The product sees use mainly in the chemical, critical manufacturing, dams, energy, food and agriculture, government facilities, transportation systems and water and wastewater systems sectors. It also sees action on a global basis.

GE released CIMPLICITY software Version 9.5 and recommends users update to that version or the latest version. The Series 90 TCP/IP communications support has been deprecated and users are encouraged to use the “convert to triplex” application tool, which has been available since CIMPLICITY Version 6.1, to obtain communication support if needed.

Documentation and information on procedures, as well as the upgrade to Version 9.5, can be located at this location (login required).


