SAINT CorporationSAINT:1599D62F133870A54BD4E3D1F431C8F27T Interactive Graphical SCADA System dc.exe Directory Traversal
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.883 High
EPSS
Percentile
98.7%
Added: 06/03/2011
CVE: CVE-2011-1566
BID: 46936
OSVDB: 72349
Background
7-Technologies Interactive Graphical SCADA System (IGSS) is a Supervisory Control and Data Acquisition (SCADA) solution used mainly in Denmark and the US.
Problem
An input validation error in the Data Collector service (**dc.exe**) when processing certain commands can be exploited to execute any program on the system via a specially crafted packet containing directory traversal specifiers sent to the Data Collector service port, TCP port 12397.
Resolution
Upgrade to **dc.exe** version 9.00.00.11083 or higher. Control system devices and networks should not be directly connected to the Internet. Those that are should be behind firewalls, and isolated from business networks.
References
<http://secunia.com/advisories/43849/>
<http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-080-03.pdf>
Limitations
Exploit works on 7-Technologies IGSS 9.0.
This exploit makes use of a another 7-Technologies IGSS vulnerability (CVE-2011-1565), this one in the Data Server service (TCP port 12401), to upload an executable file to the target system.
Platforms
Windows
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.883 High
EPSS
Percentile
98.7%