SpecView Mitigates SCADA/HMI Bug

Monday, January 14, 2013 @ 06:01 PM gHale

Mitigation details are available for a directory traversal vulnerability in the SpecView supervisory control and data acquisition/human-machine interface (SCADA/HMI) product, according to a report on ICS-CERT.

Independent researcher Luigi Auriemma first found the directory traversal vulnerability and released it, along with proof-of-concept (PoC) exploit code, without coordinating with either the vendor or ICS-CERT.

Successful exploitation of this remotely exploitable vulnerability could result in data leakage and file manipulation. Exploits that target this vulnerability are publicly available.

SpecView released a new build that addresses this vulnerability, and Auriemma verified that it fixes the issue.

SpecView 2.5 Build 853 and earlier suffer from the vulnerability.

SpecView is a U.S.-based company that maintains offices in the United States and United Kingdom. The affected product, SpecView, is HMI software for SCADA equipment and sees use primarily in critical manufacturing.

By sending specially crafted packets to the SpecView web server on port 80/TCP, an attacker can cause a path traversal. The vulnerability is assigned CVE-2012-5972 and has a CVSS v2 base score of 2.6.

An attacker with a high skill level would be able to exploit this vulnerability. SpecView recommends users download and install the updated build from its website, which mitigates the vulnerability.
