Today the DHS ICS-CERT published the latest version of the Crain-Sistrunk advisory; a buffer overflow vulnerability in the SUBNET SubSTATION Server 2, Telegyr 8979 Master application. The vulnerability was detected as part of the Automatak Project Robus use of a new fuzzer targeting Telegyr 8879 telecontrol protocol implementations. SUBNET has produced a hotfix for the vulnerability that Crain-Sistrunk have validated as successfully mitigating the vulnerability.
ICS-CERT reports that a moderate to highly skilled attacker could remotely exploit this vulnerability to execute a DOS attack. SUBNET discovered a closely related vulnerability during their investigation of the Crain-Sistrunk report. Both vulnerabilities are addressed by the hotfix.