Today the DHS ICS-CERT published an advisory for three vulnerabilities reported in the Schneider Electric ClearSCADA system. Two of the vulnerabilities were reported by Aditya Sood, and Schneider self-reported the third. Schneider continues to work on producing a patch to mitigate these vulnerabilities, but the advisory does provide some specific interim mitigation measures that owner/users can take. The patches are scheduled to be released later this month.
The three vulnerabilities are:
● Cross-site scripting, CVE-2014-5411;
● Authentication bypass, CVE-2014-5412;
● Weak hashing algorithm, CVE-2014-5413.
ICS-CERT reports that a low to moderately skilled attacker could remotely exploit two of these vulnerabilities, while the third, the cross-site scripting vulnerability, would require social engineering to get a local user with administrative access to carry out the exploit.
Interestingly, the ClearSCADA support page linked from the advisory contains a link to their system security page, which in turn provides a link to a page entitled “List of ClearSCADA Vulnerabilities”. The three vulnerabilities in this advisory are not listed on that page.