New Firmware Clears Eaton ELCSoft Hole

Tuesday, March 6, 2018 @ 06:03 PM gHale

Eaton released new firmware to mitigate an improper input validation vulnerability in its ELCSoft, according to a report with ICS-CERT.

ELCSoft is programming software for all Eaton ELC programmable logic controllers. The ELC programmable logic controllers are not affected by this vulnerability. ELCSoft Versions 2.04.02 and prior suffer from the remotely exploitable vulnerability.

Hirschmann’s Mitigation Plan for Platform Switches
Schneider Updates SoMove, DTM Software
ICS Spectre, Meltdown Update Part IV
Delta Electronics Clears DOPSoft Hole

Successful exploitation of this vulnerability, discovered by Ariele Caltabiano (kimiya) and axt working with Trend Micro’s Zero Day Initiative, could allow an attacker to execute arbitrary code.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

In the vulnerability, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code.

CVE-2018-7511 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.3.

The product sees use mainly in the energy sector and on a global basis.

Dublin, Ireland-based Eaton released new firmware for ELCSoft.

Eaton said the current firmware needs to be uninstalled prior to loading the update.

Leave a Reply

You must be logged in to post a comment.