The three vulnerabilities identified are:
• Heap Overflow VulnerabilityThere are no known publicly available exploits for the first vulnerability, but there are tools available that could allow for an exploit of the other two vulnerabilities.
• Cross-site Scripting Vulnerabilities
• Insecure Web Authentication.
ICS-CERT and Control Microsystems recommend the following mitigation measures (after appropriate system vulnerability review):
• Upgrade older versions or install service packs (http://www.clearscada.com/services-support/software-updates/) for newer versions of this software.NOTE: See this post at DigitalBond.com for some interesting background on this advisory.
• Disable logons on ClearSCADA non-secure ports. Locate this setting under System Configuration => WebX in the server configuration window.
• Install a WebX security certificate from a trusted authority.
• Limit access to the server and server network to only trusted networks and users.