OTPulse

Ecava IntegraXor Guest Account Information Disclosure Vulnerability

Low Risk · ICS-CERT ICSA-14-091-01 · Jan 2, 2014
Summary

Ecava IntegraXor versions prior to 4.1.4410 contain an information disclosure vulnerability in guest account functionality. Guest accounts can access and read sensitive information that should be restricted, potentially exposing system configuration, process parameters, or other confidential data. The vulnerability affects all versions before 4.1.4410 with no vendor fix available.

What this means
What could happen
An attacker with network access to IntegraXor could read sensitive information from guest accounts, potentially exposing system configuration, process data, or credentials that could be used for further attack.
Who's at risk
Water authorities, electric utilities, and manufacturing facilities using Ecava IntegraXor HMI/SCADA systems for process monitoring and control are affected. Any facility relying on IntegraXor for real-time visualization or data collection should evaluate their guest account configuration and network exposure.
How it could be exploited
An attacker connects to the IntegraXor SCADA/HMI application over the network and accesses guest account functionality to retrieve information that should be restricted. The guest account lacks proper access controls, allowing information disclosure without authentication or with minimal credentials.
Prerequisites
  • Network access to IntegraXor application port
  • Guest account must be enabled or exist on the system
Tags: remotely exploitable · information disclosure · no patch available · guest account misconfiguration
Exploitability
Moderate exploit probability (EPSS 1.9%)
Affected products (1)
Product      Affected Versions   Fix Status
IntegraXor   <4.1.4410           No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Disable guest accounts on IntegraXor if not required for operations
HARDENING: Restrict network access to IntegraXor application using firewall rules; limit connectivity to engineering workstations and authorized operator terminals only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Review and strengthen access controls on IntegraXor user accounts to ensure guest and unauthenticated access is minimized
HARDENING: Monitor IntegraXor application logs for unauthorized access attempts from guest accounts