SAINT Corporation
ID: SAINT:F7DE6CECAE3513B2C1D6CF8D70779261
Date: Feb 11, 2013

Schneider Electric Interactive Graphical SCADA System Data Collector Overflow

Source: download.saintcorporation.com

CVSS2: 10 High
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.701 High
Percentile: 98.0%

Added: 02/11/2013
CVE: CVE-2013-0657
BID: 57449
OSVDB: 89324

Background

Schneider Electric Interactive Graphical SCADA System (IGSS) is a supervisory control and data acquisition (SCADA) system designed to monitor and control industrial processes. The Data Collector (**DC.exe**) component listens on port 12397/tcp.

Problem

A buffer overflow vulnerability in the **DC.exe** executable allows remote arbitrary code execution when a malicious user sends a specially crafted request to port 12397/tcp.

Resolution

Schneider Electric has released software updates for IGSS v9 and IGSS v10.

References

<http://ics-cert.us-cert.gov/pdf/ICSA-13-018-01.pdf>
<http://www2.schneider-electric.com/corporate/en/support/cybersecurity/viewer-news.page?c_filepath=/templatedata/Content/News/data/en/local/cybersecurity/general_information/2013/01/20130110_advisory_of_vulnerability_affecting_igss_scada_software.xml>

Limitations

This exploit was tested against Schneider Electric Interactive Graphical SCADA System 9.0 on Microsoft Windows Server 2003 SP2 English with DEP OptOut.

Platforms

Windows
