OTPulse
FeedAboutContact

Fultek WinTr Directory Traversal

Low RiskICS-CERT ICSA-12-262-01Jun 22, 2012
Summary

Fultek WinTr Scada contains a directory traversal vulnerability (CWE-23) in versions 4.0.5 and earlier that could allow an attacker to access files outside the intended directory structure.

What this means
What could happen
An attacker with access to WinTr Scada could read sensitive configuration files or data files from the system, potentially exposing system settings, credentials, or operational data needed to understand or compromise plant operations.
Who's at risk
Energy sector organizations using Fultek WinTr Scada for process monitoring and control should be aware of this vulnerability. This affects any operator or engineer accessing the application to view or configure SCADA functions.
How it could be exploited
An attacker with network or local access to WinTr Scada would craft a request using directory traversal sequences (like ../ or absolute paths) to access files outside the intended application directory, such as system configuration files or process data.
Prerequisites
  • Network or local access to WinTr Scada application
  • Ability to submit file requests or commands to the application
no patch availabledirectory traversal allows unauthorized file access
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
WinTr Scada: <=4.0.5≤ 4.0.5No fix (EOL)
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HARDENINGRestrict network access to WinTr Scada to authorized engineering workstations and control networks only
HARDENINGMonitor and log all file access attempts on WinTr Scada systems to detect suspicious directory traversal attempts
Mitigations - no patch available
0/1
WinTr Scada: <=4.0.5 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGIsolate WinTr Scada systems from untrusted networks using a firewall or air-gapped architecture
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/8e124c08-25be-4915-ad2d-edd19451fa93
Fultek WinTr Directory Traversal - OTPulse