SCADA Issues with MICROSYS

Friday, October 14, 2011 @ 01:10 PM gHale


There are three vulnerabilities with proof of concept (PoC) exploit code affecting MICROSYS, spol. s r.o. Promotic, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product.

All three vulnerabilities are remotely exploitable, according to the report, which released without coordination with either the vendor or ICS-CERT.

RELATED STORIES
UniOPC Update on Server Vulnerabilities
More Holes Beset SCADA Firms
Cogent Patches DataHub Holes
Rockwell Adds More Platform Patches

ICS-CERT has not yet verified the vulnerabilities or PoC code, but has reached out to the affected vendor to initiate a coordinated process of validation and mitigation. ICS-CERT is issuing this alert to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks posed by these vulnerabilities.

The report included vulnerability details and PoC exploit code for the following vulnerabilities: Directory traversal, which is remotely exploitable that could lead to a data leakage; stack overflow, which is remotely exploitable that could lead to a denial of service and possible remote code execution, and a heap overflow, which is remotely exploitable that could lead to a denial of service and possible remote code execution.

MICROSYS, spol. s r.o. is a Czech company with headquarters in Ostrava. Promotic is SCADA HMI software that includes support for a web interface and works with Microsoft Windows.



Leave a Reply

You must be logged in to post a comment.