SCADA Engine is a Building Automation Software development company. Their version of the BACnet OPC Client allows for the connection of an OPC compliant workstation, through the OPC Server to the BACnet network. That network controls building services including:
● Heating, Cooling and Ventilation.According to the Alert the buffer overflow vulnerability “can be exploited to create a stack-based buffer overflow when a user opens a specially crafted file (e.g., *.csv file)”. The BACnet OPC Client uses a *.csv file for storing the OPC Tag database. So it is not unusual for system users to see *.csv files.
● Chillers, Boilers .
● Air Handling Units.
● Security, Lighting.
● Miscellaneous equipment.
This vulnerability could potentially be exploited to allow an attacker to exercise control over the system by “arbitrary code execution”. This could allow alarms to be turned on or off, manipulate ventilation controls, and control networked building security devices.
According to the Alert there is not currently a patch or workaround available for this vulnerability. The current best defense is for system owners and operators to take extreme caution when opening unexpected or untrusted *.csv files. The ICS-CERT is in the process of contacting the vendor and will provide updates as appropriate.
Posts
No comments:
Post a Comment