Remote Procedure Call Vulnerability

Monday, November 7, 2011 @ 05:11 PM gHale

A Remote Procedure Call (RPC) vulnerability in Advantech/BroadWin WebAccess first disclosed in March is now getting an update. That update from Advantech/BroadWin is there will be no patch offered.

The issue with the web browser-based human-machine interface (HMI) product is the RPC affects the WebAccess Network Service on 4592/TCP and allows remote code execution, according to ICS-CERT. Independent security researcher Rubén Santamarta identified details and released exploit code.

SCADA/HMI ActiveX Hole Found
GE Works to Fix Vulnerabilities
Device Driver Vulnerability Found

This vulnerability affects all versions of Advantech/BroadWin WebAccess and it could allow an attacker to remotely execute arbitrary code. An attacker can initiate this exploit from a remote machine without user interaction. In addition, an exploit of this vulnerability is out and available. This vulnerability requires a moderate level of skill to exploit.

Advantech/BroadWin WebAccess is a web-based HMI product used in energy, manufacturing, and building automation systems. The installation base is across Asia, North America, North Africa, and the Middle East. WebAccess Client is available for desktop computers and laptops running Windows 2000, XP, Vista, and Server 2003. A thin-client interface is available for Windows CE and Windows Mobile 5.0.

CVE-2011-4041 is the number assigned this vulnerability in the National Vulnerability Database.

Manufacturers of the Advantech/BroadWin WebAccess product should refer to security considerations recommended by BroadWin in their Installation Manual. For more information, contact BroadWin support at

Leave a Reply

You must be logged in to post a comment.