7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.009 Low
EPSS
Percentile
82.4%
This Advisory is a follow-up release to the original Advisory which was posted to the US-CERT secure Portal library October 08, 2012.
Dale Peterson of Digital Bond has identified multiple vulnerabilities in the C3-ilex’s EOScada application that can result in data leakage and a denial-of-service (DoS) condition. C3-ilex’s has produced a patch that resolves these vulnerabilities.
C3-ilex reports that the vulnerabilities affect all EOScada versions prior to 11.0.19.2.
Successful exploitation of these vulnerabilities may cause a DoS or data leakage.
Impact to individual organizations depends on many factors that are unique to each organization. ICS-CERT recommends that organizations evaluate the impact of these vulnerabilities based on their operational environment, architecture, and product implementation.
C3-ilex’s EOScada is a real-time Windows-based Energy Management System for electrical, water, sewage, and gas applications. The EOScada platform features a distributed processing, networked configuration using PCs running Microsoft Windows. The EOScada product line includes PC-based Master Stations as well as remote terminal units (RTUs) that perform communication, data concentration, and connections to a variety of intelligent electronic devices (IEDs).
The EOS Core Scada.exe does not restrict access that causes a DoS condition when attached to Port 5050/TCP or Port 24004/TCP, and any random data are sent to either port. The application will crash and restart and will be unavailable to legitimate users during that time.
CVE-2012-1810 has been assigned to this vulnerability. A CVSS V2 base score of 5.0 has also been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:N/I:N/A:P).
The EOSDataServer.exe attached to Port 24006/TCP is susceptible to a Resource Management Error when a large amount of random data is sent to the port.
CVE-2012-1811 has been assigned to this vulnerability. A CVSS V2 base score of 7.8 has also been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:N/I:N/A:C).
The eosfailoverservice.exe returns data in clear text when a connection is made to Port TCP/12000.
CVE-2012-1812 has been assigned to this vulnerability. A CVSS V2 base score of 5.0 has also been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:N/I:P/A:N).
The eosfailoverservice.exe attached to Port 12000/TCP is susceptible to a Resource Management Error when a large amount of random data is sent to the port.
CVE-2012-1813 has been assigned to this vulnerability. A CVSS V2 base score of 7.8 has also been assigned; the CVSS vector string is (AV:N/AC:L/Au:N/C:N/I:N/A:C).
These vulnerabilities are remotely exploitable.
No known public exploits specifically target these vulnerabilities.
An attacker with a low skill would be able to exploit these vulnerabilities.
C3-ilex recommends customers install the EOScada patch. Customers with a service agreement should contact C3-ilex’s Helpdesk at [email protected] or by calling the Help Desk at (510) 659-8300 x 107 for instructions on how to obtain the release. Customers without a service agreement should contact their C3-ilex Sales Manager for assistance in purchasing this or a later version release.
ICS-CERT encourages asset owners to take additional defensive measures to protect against this and other cybersecurity risks.
ICS-CERT also provides a section for control systems security recommended practices on the US-CERT Web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.
nvd.nist.gov/cvss.cfm?version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)
nvd.nist.gov/cvss.cfm?version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)
nvd.nist.gov/cvss.cfm?version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:P)
nvd.nist.gov/cvss.cfm?version=2&vector=(AV:N/AC:L/Au:N/C:N/I:P/A:N)
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1810
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1811
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1812
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1813
public.govdelivery.com/accounts/USDHSCISA/subscriber/new?topic_id=USDHSCISA_138
twitter.com/CISAgov
twitter.com/intent/tweet?text=C3-ilex%20EOScada%20Multiple%20Vulnerabilities+https://www.cisa.gov/news-events/ics-advisories/icsa-12-271-01
www.dhs.gov
www.dhs.gov/foia
www.dhs.gov/performance-financial-reports
www.facebook.com/CISA
www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/news-events/ics-advisories/icsa-12-271-01&title=C3-ilex%20EOScada%20Multiple%20Vulnerabilities
www.instagram.com/cisagov
www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency
www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/news-events/ics-advisories/icsa-12-271-01
www.oig.dhs.gov/
www.surveymonkey.com/r/CISA-cyber-survey?product=https://www.cisa.gov/news-events/ics-advisories/icsa-12-271-01
www.usa.gov/
www.whitehouse.gov/
www.youtube.com/@cisagov
mailto:?subject=C3-ilex%20EOScada%20Multiple%20Vulnerabilities&body=www.cisa.gov/news-events/ics-advisories/icsa-12-271-01