SCADA/HMI ActiveX Hole Found

Thursday, November 3, 2011 @ 02:11 PM gHale


There is a public report detailing an ActiveX vulnerability with proof-of-concept (PoC) exploit code affecting Advantech Broadwin WebAccess.

This is a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product. The vulnerability is exploitable by targeting the bwocxrun.ocx ActiveX component with a combination of ActiveX methods, according to the report. This report released without coordination with either the vendor or the ICS-CERT.

RELATED STORIES
GE Works to Fix Vulnerabilities
Device Driver Vulnerability Found
SCADA Issues with MICROSYS
UniOPC Update on Server Vulnerabilities

ICS-CERT has not yet verified this vulnerability or PoC code but reached out to the affected vendor to notify, confirm, and identify mitigations.

The report included vulnerability details and PoC exploit code for a buffer overflow that is remotely exploitable with a possible remote code execution.

Advantech Broadwin WebAccess is a web-based HMI platform used in energy, manufacturing, and building automation applications. WebAccess is in several countries in Asia, North America, North Africa, and the Middle East.

As of right now, there are no mitigations, but ICS-CERT is working with the vendor to find a patch.



Leave a Reply

You must be logged in to post a comment.