Pro-Face Pro-Server EX Vulnerabilities

Act NowICS-CERT ICSA-12-179-01Mar 31, 2012

Summary

Pro-Face Pro-Server EX versions 1.00.00 through 1.30.00 and GP-Pro EX/WinGP versions 2.00.00 through 3.01.100 contain multiple memory corruption vulnerabilities (CWE-119, CWE-680, CWE-788) that could allow remote code execution. No vendor patches are available for these vulnerabilities. The affected software is commonly used for HMI visualization and engineering workstations in industrial control environments.

What this means

What could happen

An attacker could exploit memory corruption vulnerabilities in Pro-Server EX or GP-Pro EX to execute arbitrary code on the affected system, potentially compromising HMI/SCADA operations or engineering workstations that manage industrial processes.

Who's at risk

Organizations operating Pro-Face Pro-Server EX or GP-Pro EX HMI/SCADA engineering software should be concerned. This affects system integrators, water utilities, power systems operators, and manufacturing facilities that use Pro-Face software for process visualization and control, particularly where engineering workstations are connected to networks that could reach the internet or untrusted sources.

How it could be exploited

An attacker with network access to a system running vulnerable Pro-Server EX or GP-Pro EX software could send a specially crafted input that triggers a buffer overflow (CWE-119) or other memory corruption condition (CWE-680, CWE-788). This could allow remote code execution if the software is exposed directly to untrusted networks or through an engineering workstation.

Prerequisites

Network access to the Pro-Server EX or GP-Pro EX application port
Vulnerable software version installed (Pro-Server EX <=1.30.00 or GP-Pro EX/WinGP <=3.01.100)

Remotely exploitableMemory corruption vulnerabilitiesHigh EPSS score (61.2%)No patch availableAffects HMI/engineering systems

Exploitability

High exploit probability (EPSS 61.2%)

Affected products (3)

3 EOL

ProductAffected VersionsFix Status

Pro-Server EX: >=1.00.00|<=1.30.00≥ 1.00.00|≤ 1.30.00No fix (EOL)

GP-Pro EX and related software WinGP: >=2.00.00|<=3.01.100.≥ 2.00.00|≤ 3.01.100.No fix (EOL)

GP-Pro EX and related software WinGP: >=2.00.00|<=3.01.100≥ 2.00.00|≤ 3.01.100No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDRestrict network access to Pro-Server EX and GP-Pro EX applications using firewall rules; only allow access from known engineering workstations and administrative networks

WORKAROUNDDisable or isolate Pro-Server EX and GP-Pro EX services if they are not actively required for operations

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HARDENINGMonitor engineering workstations and servers running Pro-Server EX or GP-Pro EX for unauthorized access attempts and process execution anomalies

Mitigations - no patch available

0/1

The following products have reached End of Life with no planned fix: Pro-Server EX: >=1.00.00|<=1.30.00, GP-Pro EX and related software WinGP: >=2.00.00|<=3.01.100., GP-Pro EX and related software WinGP: >=2.00.00|<=3.01.100. Apply the following compensating controls:

HARDENINGImplement network segmentation to isolate engineering workstations and HMI systems from general corporate networks

CVEs (5)

CVE-2012-3792 CVE-2012-3795 CVE-2012-3794 CVE-2012-3793 CVE-2012-3797

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/af4e7f6b-d207-4aae-bdab-6203a4748185