This morning the DHS ICS-CERT followed up yesterday’s publication of two alerts for Advantech products with an advisory that I described yesterday for a stack-based buffer overflow vulnerability in the WebAccess product.

ICS-CERT reports that a relatively unskilled attacker could exploit this vulnerability to execute arbitrary code or crash the system. ICS-CERT also reports that there is no publicly available exploit for this vulnerability, but Core Security has clearly printed proof-of-concept code in their advisory [7:49 CST 11-23-14 Corrected link to go to Core Security site not ICS-CERT] for this vulnerability.

As I mentioned yesterday, ICS-CERT acknowledges that the latest version of WebAccess does not contain this vulnerability, but that updating to that version does not specifically remove the vulnerable file from the system. The owner/operator has to take specific action to remove that file; that action is not covered in the Advantech documentation, but has been identified by Core Security.