ICS-CERT reports that an attacker with an intermediate skill level could send a specially crafted packet to the targeted server’s listening port (20222/TCP), causing the server to crash or possibly allowing arbitrary code execution. There are no known publicly available exploits for this vulnerability.
7T has verified this vulnerability and produced a software update.
In addition to installing the patch, ICS-CERT recommends the following mitigation strategy (with the standard impact analysis and risk assessment caveat):
• Users should minimize network exposure for all control system devices.
• Critical devices should not directly face the Internet.
• Control system networks and remote devices should be located behind firewalls and be isolated from the business network.
• If remote access is required, ICS-CERT recommends the use of secure methods, such as Virtual Private Networks (VPNs).
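One way to check that the isolation recommended above actually holds is to audit firewall flow records for connections to 20222/TCP from sources outside the control network and VPN pool. This is an added example, not part of the ICS-CERT advisory or the vendor's software; the subnets, the log format and the sample records are constructed assumptions.

```python
import ipaddress

SERVICE_PORT = "20222"  # TCP port named in the advisory
# Hypothetical site layout (assumption, not from the advisory):
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in (
    "10.10.0.0/24",   # control-system network
    "10.99.0.0/28",   # VPN address pool for remote access
)]
BUSINESS_NETWORKS = [ipaddress.ip_network("192.168.40.0/24")]

# Constructed flow records: time src dst dport proto action
# (198.51.100.0/24 and 203.0.113.0/24 are documentation ranges standing in
# for Internet sources.)
SAMPLE_LOG = """\
2024-01-01T08:00:01 10.10.0.15 10.10.0.5 20222 tcp allow
2024-01-01T08:00:07 10.99.0.3 10.10.0.5 20222 tcp allow
2024-01-01T08:01:12 192.168.40.77 10.10.0.5 20222 tcp allow
2024-01-01T08:02:30 198.51.100.9 10.10.0.5 20222 tcp allow
2024-01-01T08:02:31 203.0.113.20 10.10.0.5 20222 tcp deny
2024-01-01T08:03:00 192.168.40.77 10.10.0.5 443 tcp allow
malformed line
"""

def audit(log_text):
    """Return (time, src, dst, zone, action) for every connection to the
    service port whose source is outside ALLOWED_SOURCES."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed records instead of failing the audit
        ts, src, dst, dport, proto, action = parts
        if proto != "tcp" or dport != SERVICE_PORT:
            continue
        try:
            addr = ipaddress.ip_address(src)
        except ValueError:
            continue  # unparseable source address
        if any(addr in net for net in ALLOWED_SOURCES):
            continue
        in_business = any(addr in net for net in BUSINESS_NETWORKS)
        findings.append((ts, src, dst, "business" if in_business else "external", action))
    return findings

def firewall_gaps(findings):
    """Findings the firewall let through: these are rule gaps to close."""
    return [f for f in findings if f[4] == "allow"]

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Denied records are kept in the findings because they show who is probing the port; only the `allow` entries indicate a missing firewall rule.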