Certec EDV Clears Scada Holes

Thursday, April 6, 2017 @ 02:04 PM gHale

Certec EDV GmbH released a new software version to fix cross-site scripting and header injection vulnerabilities in its atvise scada product, according to a report with ICS-CERT.

Atvise scada 3.0 and prior suffer from the remotely exploitable vulnerabilities, discovered by Sebastian Neef of Internetwache.org.

Schneider Clears SCADA Software Issue
Marel Food Processing Systems
Rockwell Fixes Stratix, ArmorStratix Hole
Wonderware Vulnerabilities Mitigated

Successful exploitation of these vulnerabilities could cause the device the attacker is accessing to execute arbitrary code, affecting the integrity of the device.

No known public exploits specifically target these vulnerabilities. However, an attacker with a low skill level would be able to leverage the vulnerabilities.

The atvise scada product mainly sees use in the critical manufacturing sector. It sees action on a global basis.

There is a header injection vulnerability, which could allow for a remote code execution.
CVE-2017-6031 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.1.

The cross-site scripting vulnerability, could allow for remote code execution.

CVE-2017-6029 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.4.

Eisenstadt, Austria-based Certec EDV GmbH advises affected users to update to the latest version, Version 3.1, which a user can download from the following link (a login will need to be obtained to download the latest version).

Certec EDV GmbH also recommends users activate built-in security mechanisms for the product as described in the atvise scada documentation.

Leave a Reply

You must be logged in to post a comment.