OTPulse
FeedAboutContact

Progea Movicon Memory Corruption Vulnerability

Low RiskICS-CERT ICSA-12-131-01Feb 11, 2012
Summary

Progea Movicon versions earlier than 11.3 are vulnerable to a memory corruption flaw (CWE-119) that can be triggered by sending specially crafted input to the application. The vulnerability affects operator workstations and SCADA data servers. The vendor has indicated no plan to patch versions earlier than 11.3. Exploitation could lead to denial of service or arbitrary code execution with application privileges.

What this means
What could happen
A memory corruption vulnerability in Movicon allows an attacker to cause a denial of service or potentially execute arbitrary code on SCADA operator workstations or data servers, disrupting monitoring and control of industrial processes.
Who's at risk
Water utilities and electric utilities operating SCADA systems that use Progea Movicon for human-machine interface (HMI) and process monitoring and control. This affects operator workstations and data servers running Movicon versions before 11.3.
How it could be exploited
An attacker with network access to a Movicon instance could send a specially crafted input that triggers a memory corruption condition in the application, causing it to crash or potentially execute arbitrary code with the privileges of the Movicon process.
Prerequisites
  • Network access to Movicon application instance
  • No authentication required to trigger the vulnerability
No authentication requiredRemotely exploitableLow complexity attackNo patch availableMemory corruption vulnerability
Exploitability
Moderate exploit probability (EPSS 3.2%)
Affected products (1)
ProductAffected VersionsFix Status
Movicon: <11.3.<11.3.No fix (EOL)
Remediation & Mitigation
0/3
Do now
0/1
HARDENINGIsolate Movicon systems on a separate network segment with strict firewall rules limiting inbound connections to authorized engineering workstations only
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade to Movicon version 11.3 or later if available from the vendor
Mitigations - no patch available
0/1
Movicon: <11.3. has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGMonitor Movicon process logs and system memory for signs of crashes or unexpected behavior
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e28c434a-a18c-4c3e-8640-17685d09e29c
Progea Movicon Memory Corruption Vulnerability - OTPulse