Pro-face Pro-Server Vulnerabilities

Friday, May 18, 2012 @ 03:05 PM gHale

There are multiple vulnerabilities affecting Pro-face Pro-Server, a supervisory control and data acquisition/human-machine interface (SCADA/HMI) product.

The flaws include invalid memory access, buffer overflow, unhandled exception, and memory corruption, with proof-of-concept (PoC) exploit code, according to a report on ICS-CERT. All holes could cause a denial of service (DoS) and possible remote code execution.

Wonderware SuiteLink Vulnerability
Progea Movicon Vulnerability
Gas Pipelines Under Attack
Using Malware for Recon Work

These vulnerabilities, released by researcher Luigi Auriemma on his website without coordination with either the vendor or ICS-CERT, are remotely exploitable via specially crafted packets.

The vendor is aware of the issue and ICS-CERT asked the company to confirm the vulnerability and identify mitigations. No patch is currently available.

This ICS-CERT alert provides early notice of the report and identifies baseline mitigations for reducing risks to these and other cyber security attacks.

Pro-face is a North American company that creates hardware and software products found in industrial, oil and gas, food and beverage, and water and wastewater industries. Pro-Server EX is a data management server that collects information generated by a SCADA system and generates reports.

Leave a Reply

You must be logged in to post a comment.