This afternoon the DHS ICS-CERT published an advisory for
twin buffer overflow vulnerabilities in OPTO 22 products. The vulnerabilities
were reported by Ivan Sanchez from Nullcode Team. OPTO has released new
versions that mitigate the vulnerabilities and Sanchez has been able to verify
the efficacy of the fix.
The twin vulnerabilities are:
∙ Heap-based buffer overflow, CVE-2015-1006; and
∙ Stack-based buffer overflow, CVE-2015-1007.
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit the heap-based overflow vulnerability. The stack-based
overflow would require a social engineering attack before the vulnerability
could be remotely exploited.
OPTO reports that the stack-based overflow vulnerability actually resides in a
Rockwell OPC Test Client application (no version number is provided). The
newer, unaffected OPTO 22 products use a ProSys Test Client application
instead. Owners can obtain a copy of the ProSys Test Client from the OPTO 22
FTP site if they do not want to install the updated version of the PAC Project
applications.
This is apparently just another case of a vendor using
another vendor’s files without understanding the included vulnerabilities. It
would be interesting if someone (ICS-CERT, maybe) would look to see how many
other systems were using the vulnerable Rockwell OPC Test Client.