AzeoTech Fixes DAQFactory Holes

Tuesday, August 29, 2017 @ 06:08 PM gHale

AzeoTech’s newest software version mitigates an incorrect default permissions and uncontrolled search path vulnerabilities in its DAQFactory, according to a report with ICS-CERT.

DAQFactory HMI versions prior to 17.1 suffer from the vulnerabilities, discovered by Karn Ganeshen.

Abbot Patches Pacemaker Holes
Westermo Firmware Release Fixes Issues
Rockwell Plan to Fix Cisco Holes
ALC Mitigation Plan for Product Holes

Successful exploitation of these vulnerabilities could allow authenticated system users to escalate their privileges and modify or replace application files.

No known public exploits specifically target these vulnerabilities. These vulnerabilities are not remotely exploitable. Local access and user-level privileges end up required to exploit these vulnerabilities.

In one of the vulnerabilities local, non-administrative users may be able to replace or modify original application files with malicious ones.

CVE-2017-12699 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.1.

In addition, an uncontrolled search path element vulnerability has been identified, which may execute malicious DLL files that have been placed within the search path.

CVE-2017-5147 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 4.2.

The product sees use in the critical manufacturing, energy and water sectors. It mainly sees action in the United States and Europe.

The newest version (Version 17.1) gives write privileges only to administrators and no longer searches for dlls outside of the application directory, said officials at AzeoTech.

AzeoTech provides the following instructions to upgrade to Version 17.1. Existing users can download and install the DAQFactory trial at this web site over their existing installation at no charge.

The user’s license is maintained. Because this is the standard update path for DAQFactory, most users will be familiar with the process.

Leave a Reply

You must be logged in to post a comment.