Wednesday, February 9, 2011

ICS-CERT Releases 7-Technologies Advisory

Yesterday, the DHS Industrial Control System Cyber Emergency Response Team (ICS-CERT) published an advisory concerning a confirmed remote heap corruption vulnerability in the Interactive Graphical SCADA System (IGSS) ODBC Server (ver. 8 & 9) from 7-Technologies (7T).

ICS-CERT reports that an intermediate skill level attacker could send specially crafted packet to the targeted server’s listening port (20222/TCP) causing the server to crash or perhaps cause arbitrary code execution. There are no known publicly available exploits for this vulnerability.

7T has verified this vulnerability and produced a software update.

In addition to installing the patch, ICS-CERT recommends the following mitigation strategy (with the standard impact analysis and risk assessment caveat):

• Users should minimize network exposure for all control system devices.

• Critical devices should not directly face the Internet.

• Control system networks and remote devices should be located behind firewalls and be isolated from the business network.

• If remote access is required, ICS-CERT recommends the use of secure methods, such as Virtual Private Networks (VPNs).

No comments:

/* Use this with templates/template-twocol.html */