7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.822 High
EPSS
Percentile
98.4%
Citect CitectSCADA contains a remotely accessible buffer overflow vulnerability which may allow a remote attacker to execute arbitrary code.
Citect CitectSCADA is software used for monitoring and control in Supervisory Control And Data Acquisition (SCADA) systems. A buffer overflow vulnerability exists in the CitectSCADA ODBC service. The ODBC Server listens on the network (20222/tcp) for service requests from clients. An attacker could exploit this vulnerability by sending specially crafted packets to a vulnerable CitectSCADA system. According to Core Security Technologies Advisory:
A remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service.
Apply a patch
Supported Citect customers should contact Citect to receive a patch. For more information on contacting Citect visit http://www.citect.com/index.php?option=com_content&task=view&id=1374&Itemid=223.
Restrict access
Restricting access to a vulnerable system by using host or network based firewalls may prevent a remote attacker from exploiting this vulnerability. For more information refer to Citect security article Securing Your SCADA Network.
Restricting access may result in loss of ODBC Server connectivity. According to Core Security Technologies Advisory:
476345
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: April 14, 2008 Updated: October 06, 2008
Affected
Citect advises supported customers concerned about this reported issue to contact Citect Global Support Centre for related security advice and to receive the patch if required. Customers can navigate to http://www.citect.com/index.php?option=com_content&task=view&id=1374&Itemid=223 for advice on how to contact Support via telephone, facsimile, email or the Web portal.
See also <http://www.citect.com/documents/news_and_media/pr-citect-address-security.pdf> and http://knowledgebase.citect.com/SafetyandSecurity/.
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Thanks to Ivan Arce at Core Securities for information that was used in this report.
This document was written by Chris Taschner.
CVE IDs: | CVE-2008-2639 |
---|---|
Severity Metric: | 7.35 Date Public: |
knowledgebase.citect.com/SafetyandSecurity/
news.infracritical.com/pipermail/scadasec/2008-September/001503.html
secunia.com/advisories/30638/
www.citect.com/documents/news_and_media/CitectSCADA-security-response.pdf
www.citect.com/documents/news_and_media/pr-citect-address-security.pdf
www.citect.com/index.php?option=com_content&task=view&id=1374&Itemid=223
www.citect.com/index.php?option=com_content&task=view&id=1374&Itemid=223
www.citect.com/index.php?option=com_content&task=view&id=186&Itemid=322
www.citect.com/index.php?option=com_content&task=view&id=26&Itemid=29
www.coresecurity.com/index.php5?module=ContentMod&action=item&id=2186
www.csoonline.com/article/print/448626
www.digitalbond.com/wiki/index.php/CitectSCADA_Stack_Overflow_Vulnerability
www.digitalmunition.com/5ws_of_Citect_ODBC.txt
www.digitalmunition.com/citect_scada_odbc.rb
www.milw0rm.com/exploits/6387
www.milw0rm.com/papers/221
www.pcworld.com/businesscenter/article/150888/computer_threat_for_industrial_systems_now_more_serious.html
www.securityfocus.com/bid/29634/discuss
www.theregister.co.uk/2008/09/19/scada_advisory_pulled/