OTPulse

Carlo Gavazzi EOS Box Multiple Vulnerabilities

Low Risk | ICS-CERT ICSA-12-354-02 | Sep 22, 2012
Summary

Carlo Gavazzi EOS Box versions prior to 1.0.0.1080_2.1.10 contain SQL injection vulnerabilities (CWE-89) that allow remote code execution or data manipulation through unsanitized input to the device interface. No vendor patch is available for affected versions. The vulnerability affects process control and data acquisition functions in industrial automation environments.

What this means
What could happen
An attacker with network access to an EOS Box could inject SQL commands or execute arbitrary code to manipulate industrial processes or retrieve sensitive configuration data from the device.
Who's at risk
Water and electric utilities, chemical processing plants, and other industrial sites using Carlo Gavazzi EOS Box for process control, data acquisition, or remote management should review their deployment of this device. Critical if used in safety-critical loops or as a gateway between corporate networks and plant floor equipment.
How it could be exploited
An attacker on the network sends a specially crafted request containing SQL injection payloads or command injection code to the EOS Box web interface or management port. The device fails to sanitize user input, allowing the attacker to execute database queries or system commands directly on the device.
Prerequisites
  • Network access to the EOS Box management interface or web service port
  • Device running firmware version earlier than 1.0.0.1080_2.1.10

No patch available · SQL injection vulnerability · Remotely exploitable · Affects industrial control device
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product                      Affected Versions      Fix Status
EOS-Box: <1.0.0.1080_2.1.10  <1.0.0.1080_2.1.10     No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: If running EOS Box in a test or non-critical environment, consider decommissioning or isolating the device pending vendor guidance on available fixes.
Mitigations - no patch available
EOS-Box: <1.0.0.1080_2.1.10 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to restrict access to EOS Box management interfaces; allow only authorized engineering workstations or SCADA networks.
HARDENING: Monitor network traffic to the EOS Box for suspicious SQL or command injection patterns.
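As an added illustration of the two compensating controls above (not code from OTPulse, ICS-CERT or Carlo Gavazzi), the following Python script scans constructed access-log lines from the device's web interface and flags requests that come from outside an assumed engineering subnet or that carry SQL or command injection fragments. The log format, the 10.10.5.0/24 subnet and the request paths are assumptions, not values taken from the device.

```python
import re
import ipaddress
from urllib.parse import unquote

# Engineering-workstation subnet permitted to reach the EOS Box interface (assumed value).
ALLOWED_NETS = [ipaddress.ip_network("10.10.5.0/24")]

# Heuristic signatures for SQL and OS command injection fragments, matched after URL decoding.
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\s+'?\w+'?\s*=", re.I),  # ' OR '1'='1
    re.compile(r"\bunion\s+(all\s+)?select\b", re.I),  # UNION SELECT
    re.compile(r"(--|/\*)"),                            # SQL comment terminators
    re.compile(r";\s*(drop|insert|update|delete)\b", re.I),
]
CMDI_PATTERN = re.compile(r"[;|`]\s*\w+|\$\(")  # ;id  |ls  `id`  $(...)

# Constructed sample access log; the format "<client-ip> <method> <path?query>" is assumed.
SAMPLE_LOG = """\
10.10.5.20 GET /login.php?user=engineer
10.10.5.20 POST /config.php?section=modbus
192.168.100.77 GET /login.php?user=admin'%20OR%20'1'%3D'1
192.168.100.77 GET /data.php?id=1%20UNION%20SELECT%20name,value%20FROM%20settings
10.10.5.21 GET /data.php?id=42
172.16.0.9 GET /status.php?host=localhost;id
"""

def inspect_request(client_ip, path):
    """Return the reasons a request should be flagged (empty list if it looks clean)."""
    reasons = []
    if not any(ipaddress.ip_address(client_ip) in net for net in ALLOWED_NETS):
        reasons.append("source outside allowed engineering subnet")
    decoded = unquote(path)
    if any(p.search(decoded) for p in SQLI_PATTERNS):
        reasons.append("SQL injection pattern")
    if CMDI_PATTERN.search(decoded):
        reasons.append("command injection pattern")
    return reasons

def scan_log(text):
    """Parse each log line and return (client_ip, path, reasons) for flagged requests."""
    findings = []
    for line in text.splitlines():
        parts = line.split(maxsplit=2)
        if len(parts) != 3:
            continue
        client_ip, _method, path = parts
        reasons = inspect_request(client_ip, path)
        if reasons:
            findings.append((client_ip, path, reasons))
    return findings
```

Running `scan_log(SAMPLE_LOG)` flags the three requests from 192.168.100.77 and 172.16.0.9 and leaves the engineering-subnet traffic alone; in practice the allowlist and signatures would be tuned to the site's own traffic.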