New SCADA Vulnerabilities in OPC Servers
Last night, 6 e-mails hit the Bugtraq list detailing vulnerabilities in OPC (OLE for Process Control) servers made by Takebishi Electric (vuln 1, vuln 2, vuln 3, vuln 4, vuln 5) and NETxAUTOMATION (vuln 1). The CVE entries are CVE-2007-1319 (for Takebishi) and CVE-2007-1313 (for NETxAUTOMATION).

OPC servers are used in SCADA systems (power grid, water system, etc.) to consolidate network device info. These vulnerabilities allow for remote access to memory and could be used for remote code execution. Authentication would be bypassed and an attacker could potentially take complete control of the OPC server. Because of the kind of applications OPC servers are used in, these vulnerabilities are important to remediate.

In all 6 cases, the vendor has updates available for users to upgrade to. The vulnerabilities were found during an OPC server assessment by Neutralbit for one of their customers. At present, there is no known exploit code in the field.

If you are running products from either of these two vendors in your environment, you should upgrade immediately.
John Bambenek  bambenek /at/
University of Illinois at Urbana-Champaign

ISC Handler
Mar 23rd 2007
