Beijer Fixes Vulnerability

Monday, January 28, 2013 @ 08:01 PM gHale

Beijer Electronics created a new version that fixes a buffer overflow vulnerability in multiple ADP and H-designer products, according to a report on ICS-CERT.

This vulnerability, discovered by independent researcher Kuang-Chun Hung of Information and Communication Security Technology Center (ICST), can allow attackers to execute arbitrary code and gain unauthorized access. The vulnerability affects systems deployed in the critical manufacturing, food and agriculture, transportation, and energy sectors.

GE Patches 2 Proficy Vulnerabilities
Schneider Patches SCADA Hole
Schneider Faces Product Bugs
Schneider Updates SESU Vulnerability

Beijer did create the update that corrects this vulnerability and researcher Morgan Hung verified it mitigates the reported problem.

The following Beijer products suffer from the issue:
• ADP V6.5.0-180_R1967
• ADP V6.5.1-186_R2942
• H-Designer 6.5.0 B180_R1967

Successful exploitation of this vulnerability may allow an attacker the ability to execute arbitrary code and gain the privileges of the currently logged in user.

Beijer is a Sweden-based industrial automation and data communications company that maintains offices in several countries around the world, including the U.S., UK, Germany, France, Taiwan, China, and Brazil.

ADP is a configuration tool used to create applications for operator terminals, and H-Designer is HMI configuration software.

Beijer’s products deploy across several sectors including critical manufacturing, food and agriculture, transportation, and energy.

An attacker can input a long string into a dll file used by ADP and H-Designer, which can cause a buffer overflow. This vulnerability could allow arbitrary code execution, which could affect the integrity of the system. CVE-2013-4696 is the number assigned to this vulnerability, which has a CVSS v2 base score of 6.9.

This vulnerability is not exploitable remotely and cannot suffer a problem without user interaction. The exploit only triggers when a local user runs the vulnerable application and loads the malformed dll file.

There are no known public exploits targeting this vulnerability. Crafting a working exploit for this vulnerability could be difficult.

Leave a Reply

You must be logged in to post a comment.