Patch Fixes 7T SCADA Woes

Tuesday, January 17, 2012 @ 05:01 PM gHale

There is a patch out there to take care of the unsafe search path vulnerability in the 7-Technologies (7T) IGSS Interactive Graphical SCADA System.

7T produced a patch that fixes this vulnerability. Researcher Kuang-Chun Hung of Security Research and Service Institute Information and Communication Security Technology Center (ICST), who found the vulnerability, tested the patch and verified it resolves the issue.

Patch for Cogent DataHub Holes
OAS HMI Holes Fixed
Snort to Boost SCADA Security
Siemens Default Password Issues
7-Technologies Vulnerability Part II

All versions of the 7T Interactive Graphical SCADA System prior to V9.0.0.11291 suffer from the vulnerability

Successful exploitation of this vulnerability may allow an attacker using social engineering to execute arbitrary code and gain the same privileges as the user currently logged into the system.

Denmark-based 7T creates monitoring and control systems primarily used in the United States, Europe, and South Asia. IGSS is in over 28,000 industrial plants in 50 countries worldwide, according to 7T. The Interactive Graphical SCADA system software controls and monitors programmable logic controllers in industrial processes across multiple sectors including energy, manufacturing, oil and gas, and water.

To successfully exploit this vulnerability, an attacker would need to place a malicious DLL in the search path of an executable program. CVE-2011-4053 is the number assigned to this vulnerability. This vulnerability is remotely exploitable but may require social engineering. An attacker with a low skill level can execute this DLL hijack attack.

7T developed a patch to address this vulnerability and provided the following options for updating their systems:

  • In the preferred method, the user goes in the IGSSMaster application and selects the menu “Information and support” and clicks “Update IGSS Software.” This will automatically download and install the updated module.
  • Another method is to go to the website, select the menu item “Download => Licensed Versions” and click the link “Program updates (General)” for Version 9. This will download a .zip file containing all current updates for IGSS Version 9. Once the file downloads, manually unpack the .zip file and copy the contents to the \IGSS\ directory within the IGSS installation folder at the end-user’s computer.

Leave a Reply

You must be logged in to post a comment.