Friday, January 21, 2011

DHS ICS-CERT Updates Automated Solutions Advisory

Last November DHS Industrial Control System Cyber Emergency Response Team issued an advisory on a heap corruption vulnerability in the Automated Solutions Modbus/TCP Master OPC server (v. 3.0.0). Today ICS-CERT published an updated version of that advisory (note the link on the ICS-CERT Control Systems web page is not functional, lacking a ‘.pdf’ on the end of the URL).

The new update notes that the vulnerability can be exploited using a non-compliant Modbus/TCP Slave application, but would not likely allow the attacker to execute arbitrary code. It also explains the some of the limits of the vulnerability.

ICS-CERT has not seen a publicly available exploit of this vulnerability but expects that an attacker with an ‘intermediate skill level’ would be able to create the necessary exploit code.

The new version of the advisory does not provide any changes to the suggested mitigation actions recommended to protect a system.

No comments:

/* Use this with templates/template-twocol.html */