SpiderControl MicroBrowser Fixed

Tuesday, August 22, 2017 @ 03:08 PM gHale

SpiderControl created new software to mitigate a stack-based buffer overflow vulnerability in its SCADA MicroBrowser, according to a report with ICS-CERT.

A software management platform, SCADA MicroBrowser Versions and prior suffer from the remotely exploitable vulnerability, discovered by Karn Ganeshen, working with Trend Micro’s Zero Day Initiative (ZDI).

Marel Updates Food Processing Systems
Philips Clears Portal Vulnerabilities
Vulnerability in CPAP Machine
Advantech Unable to Verify WebOP Hole

Successful exploitation of this vulnerability could allow an attacker to gain access to the system, manipulate system files, and potentially render the system unavailable.

No known public exploits specifically target this vulnerability. However, an attacker with low skill level could leverage the vulnerability.

In the vulnerability, opening a maliciously crafted html file may cause a stack overflow.

CVE-2017-12707 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.3.

The product sees use mainly in the critical manufacturing sector. For the most part, it sees action in Europe.

Switzerland-based SpiderControl produced a new version of the software (Version

Leave a Reply

You must be logged in to post a comment.