Schneider Electric Interactive Graphical SCADA System Data Collector Overflow

2013-02-11T00:00:00
ID: SAINT:D90D8BFD364F40BDFF1DDF059B92120F
Type: saint
Reporter: SAINT Corporation
Modified: 2013-02-11T00:00:00

Description

Added: 02/11/2013
CVE: CVE-2013-0657
BID: 57449
OSVDB: 89324

Background

Schneider Electric Interactive Graphical SCADA System (IGSS) is a supervisory control and data acquisition (SCADA) system designed to monitor and control industrial processes. The Data Collector (**DC.exe**) component listens on port 12397/tcp.

Problem

A buffer overflow vulnerability in the **DC.exe** executable allows remote arbitrary code execution when a malicious user sends a specially crafted request to port 12397/tcp.

Resolution

Schneider Electric has released software updates for IGSS v9 and IGSS v10.

References

<http://ics-cert.us-cert.gov/pdf/ICSA-13-018-01.pdf>
<http://www2.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/01/20130110_advisory_of_vulnerability_affecting_igss_scada_software.xml>

Limitations

This exploit was tested against Schneider Electric Interactive Graphical SCADA System 9.0 on Microsoft Windows Server 2003 SP2 English with DEP OptOut.

Platforms

Windows