ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Wecon Technologies
Equipment: LEVI Studio HMI Editor
Vulnerabilities: Heap-Based Buffer Overflow, Stack-Based Buffer Overflow
The following versions of LEVI Studio HMI Editor, a HMI programming software, are affected:
Successful exploitation of these vulnerabilities could cause the device to become unresponsive; a buffer overflow condition may allow remote code execution.
Wecon Technologies recommends that affected users upgrade to Version 1.8.1 of the software which can be downloaded from:
NCCIC/ICS-CERT recommends that users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
ICS-CERT reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
ICS-CERT also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Additional mitigation guidance and recommended practices are publicly available in the ICS‑CERT Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies, that is available for download from the ICS-CERT web site.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to ICS-CERT for tracking and correlation against other incidents.
No known public exploits specifically target these vulnerabilities.
This vulnerability causes a buffer overflow when a maliciously crafted project file is run by the system.
This vulnerability causes a buffer overflow, which could result in denial of service when a malicious project file is run on the system.
Andrea (rgod) Micalizzi, working with iDefense Labs, reported these vulnerabilities.
Critical Infrastructure Sector(s): Critical Manufacturing
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Fuzhou, Fujian, China