Wago, Wellintech Vulnerabilities

Monday, January 23, 2012 @ 06:01 PM gHale


Wago and Wellintech are suffering from vulnerabilities ranging from data leakage and unauthorized access to insecure password encryption, according to reports from ICS-CERT.

Wago
There are multiple vulnerabilities with proof-of-concept (PoC) exploit code affecting the WAGO I/O System 750 controller product, according to a report from ICS-CERT.

The Wago I/O System 750 sees use in industrial automation, building automation, marine automation, and onshore and offshore applications, according to Wago.

Digital Security Research Group released these reports without coordination with either the vendor or ICS-CERT.

ICS-CERT notified WAGO of this report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide early notice of the report and identify baseline mitigations for reducing risks from these and other cyber security attacks.

All vulnerabilities, including data leakage and unauthorized access, are remotely exploitable. The data leakage vulnerability could result in a download of firmware and data leakage, while the unauthorized access could lead to a denial of service and/or a loss of system integrity.

ICS-CERT is currently coordinating with WAGO and the security researcher to identify useful mitigations.

Wellintech
There is an insecure password encryption vulnerability with proof-of-concept (PoC) exploit code affecting Wellintech KingSCADA 3.0, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product.

The vulnerability is exploitable by decoding the password file, according to a report from ICS-CERT. Digital Security Research Group released this report without coordination with either the vendor or ICS-CERT.

ICS-CERT has notified WellinTech of this report and has asked the vendor to confirm the vulnerability and identify mitigations. ICS-CERT is issuing this alert to provide preliminary notice of the reported vulnerable products and to begin identifying baseline mitigations that can reduce the risk of attacks exploiting these vulnerabilities.

The insecure password encryption report, which is locally exploitable, included vulnerability details and PoC exploit code. The vulnerability could allow an attacker to log into the HMI.

Beijing, China-based WellinTech is a software development company specializing in the automation and control industry. The company also has offices in the United States, Japan, Singapore, Europe, and Taiwan.

KingSCADA is a Windows-based control, monitoring, and data collection application used across several industries including power, water, building automation, mining, and other sectors, the company said.

ICS-CERT is currently coordinating with WellinTech and the security researcher to identify useful mitigations.


