Mitigation Ready for SEL Bug

Thursday, March 21, 2013 @ 07:03 PM gHale

There are mitigation details available for a vulnerability affecting the Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet software, according to a report on ICS-CERT.

Independent researcher Michael Toecker of Digital Bond identified an improper authorization vulnerability in the SEL AcSELerator application using the Microsoft Attack Surface Analyzer tool.

Schneider, Researcher Disagree on Holes
SIMATIC Update Solves Bugs
Siemens Mitigates WinCC TIA Bugs
Schneider Mitigates Vulnerabilities

The vulnerability went to the vendors prior to the 2013 Digital Bond S4 Conference and then presented at the conference. The function of AcSELerator QuickSet is to configure, read, and send settings to supported SEL devices such as relays, meters, and communication products.

This vulnerability is not exploitable remotely and cannot suffer from exploitation without access to the computer as an authorized user. No known public exploits specifically target this vulnerability.

SEL AcSELerator QuickSet versions older than Version suffer from the issue.

Successful exploitation of this vulnerability may allow an attacker with user rights to read or modify files in the AcSELerator QuickSet file system, possibly affecting the availability of the application. Unauthorized attackers can then access the AcSELerator Quickset executable files. This vulnerability can affect products deployed in the electric sector.

SEL is a U.S.-based company that maintains offices around the world. The affected product, SEL AcSELerator QuickSet, is a software package used to configure, read, and send settings to supported SEL devices such as relays, meters, and communication products. According to SEL, AcSELerator QuickSet works across the electric utilities sector.

The SEL AcSELerator QuickSet software does not limit user access to its installed executables to only authenticated administrative users. A malicious user with any level of access to the computer could replace executables within the SEL Program Files directory with their own executables. If any user ran the SEL application, the malicious executable would run instead. Successful exploitation of this vulnerability could cause loss of availability, integrity, confidentiality, and a disruption in communications with other connected devices.

CVE-2013-0665 is the number assigned to this vulnerability, which has a CVSS v2 base score of 6.2.

An attacker with a high skill would be able to exploit this vulnerability.

To mitigate this vulnerability, SEL developed and released AcSELerator QuickSet Version February 12. This version adds user access restrictions to the SEL AcSELerator QuickSet software so only authenticated administrative users can modify or replace executables. This version is available for download and installation through SEL Compass.

Leave a Reply

You must be logged in to post a comment.