OAS HMI Holes Fixed

Friday, January 13, 2012 @ 02:01 PM gHale

Open Automation Software has now produced an update that resolves the malformed packet vulnerability in its OPC Systems.NET, a flaw reported along with proof-of-concept (PoC) exploit code.

Independent researcher Luigi Auriemma, who discovered the vulnerability back in October, tested the update and confirmed it resolves the vulnerability, according to a report on ICS-CERT.

All versions of OPC Systems.NET prior to Version 5.0 suffer from the vulnerability.

An attacker could remotely send a malformed packet and cause a denial of service.

Open Automation Software is a U.S.-based company that provides .NET products for supervisory control and data acquisition (SCADA) and human-machine interface (HMI) applications.

OPC Systems.NET is an HMI application deployed across several sectors including manufacturing, information technology, energy, water and wastewater, defense, and others, Open Automation Software said. The company said its products see use across the globe, but their primary use is in the U.S.

The vulnerability is exploitable by sending a malformed .NET Remote Procedure Call (RPC) packet to Port 58723/TCP, which causes a denial of service. CVE-2011-4871 is the number assigned to this vulnerability.

Exploits that target this vulnerability are in circulation, according to the ICS-CERT report.

Open Automation Software released OPC Systems.NET Version 5.0, which resolves the vulnerability by removing the vulnerable component.
