Bugs in Galil Compact PLC

Monday, April 29, 2013 @ 08:04 PM gHale

Galil produced an update that mitigates the improper validation vulnerability in its RIO-47100 PLC that can result in a loss of availability, according to a report on ICS-CERT.

Researcher Jon Christmas of Solera Networks, who found the vulnerability, tested the update and validates that it resolves the remotely exploitable vulnerability.

Schneider Mitigates Software Vulnerability
Canary Labs Patches Vulnerability
Rockwell Patches Security Bugs
Cogent Fixes DataHub Bugs

Successful exploitation of this vulnerability could allow an attacker to affect the availability for the Galil RIO-47100 PLC, which sees use in the energy, defense industrial base, and agriculture and food sectors.

Galil is a U.S.-based company that maintains offices in Rocklin, CA. Galil produces motion control products distributed globally.

The RIO-47100 PLC is a compact PLC system that includes I/O. Galil said the products see use primarily in the United States and Europe with a small percentage in Asia.

The Galil RIO-47100 PLC allows repeated requests to send in a single session. By using these repeated requests sent in a single session, an attacker can cause a denial of service of the system.

CVE-2013-0699 is the number assigned to this vulnerability, which has a CVSS v2 base score of 7.1.

No known public exploits specifically target this vulnerability. However, an attacker with a medium skill would be able to exploit this vulnerability.

Galil developed an update to the RIO-47100 PLC that mitigates this vulnerability. Instructions and a link to the update are on the Galil download page.

Leave a Reply

You must be logged in to post a comment.