3S Fixes Gateway Bug

Wednesday, May 22, 2013 @ 07:05 PM gHale

3S created an update for a denial-of-service (DoS) vulnerability in its CODESYS Gateway application, according to a report on ICS-CERT.

Successful exploitation of this remotely exploitable vulnerability, discovered by Nicholas Miles who has tested the update and validates that it resolves the vulnerability, could cause a DoS condition and may also allow the possibility of remote execution of arbitrary code.

Mitsubishi ActiveX Vulnerability
TURCK Fixes Gateway Bugs
Wonderware Mitigates Server Holes
RuggedCom Updates ROS Fix

The Gateway-Server is a third-party component found in multiple control systems manufacturer’s products.

CODESYS Gateway, Version suffers from this issue.

This product also sees use in products sold by other vendors. Control systems vendors should review their products, identify those that incorporate the affected software, and take appropriate steps to update their products and notify customers.

If exploited, an attacker could use this vulnerability to remotely cause a DoS with a system crash within the Gateway server application. Remote execution of arbitrary code may also be possible.

According to the 3S-Smart Software Solutions GmbH Web site, CODESYS sees use in virtually all sectors of the automation industry by manufacturers of industrial controllers or intelligent automation devices, by end users in many different industries, or by system integrators who offer automation solutions with CODESYS.

This vulnerability affects products primarily found in the energy, critical manufacturing, and industrial automation industries.

The vulnerability is the result of a referencing memory previously freed by the process. This condition commonly causes a system crash and may also present the possibility for execution of arbitrary code.

CVE-2013-81733 is the number assigned to this vulnerability, which has a CVSS v2 base score of 10.0.

No known public exploits specifically target this vulnerability, but an attacker with a low skill would be able to exploit this vulnerability.

3S produced a patch available for download from the 3S CODESYS Download page.

Leave a Reply

You must be logged in to post a comment.