OTPulse

Schneider Electric VAMPSET Buffer Overflow

Low Risk · ICS-CERT ICSA-14-254-01 · Jun 14, 2014
Summary

VAMPSET contains a buffer overflow vulnerability (CWE-121) in versions 2.2.136 and earlier. The overflow could be triggered by network input, potentially allowing code execution. No vendor patch is available for this product.

What this means
What could happen
A buffer overflow in VAMPSET could allow an attacker with network access to execute arbitrary code on engineering workstations or configuration servers, potentially leading to unauthorized changes to power system settings or process configurations.
Who's at risk
Energy sector utilities using Schneider Electric VAMPSET on engineering workstations or configuration servers for power system device setup and management. Specifically affects organizations with VAMPSET installations used to configure VAV controllers, drives, or other Schneider Electric automation equipment.
How it could be exploited
An attacker with network access to a VAMPSET installation would send a specially crafted packet or input to trigger the buffer overflow condition, overwriting memory and executing injected code with the privileges of the VAMPSET process.
Prerequisites
  • Network access to VAMPSET installation (typically on engineering workstation or configuration server)
  • VAMPSET version 2.2.136 or earlier running and accessible
No patch available · Buffer overflow vulnerability · Local/remote code execution potential · Affects engineering/configuration tools
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
VAMPSET: <=v2.2.136 | ≤ v2.2.136 | No fix (EOL)
Remediation & Mitigation
Do now
  • HARDENING: Implement network segmentation to restrict access to VAMPSET systems; only allow connections from authorized engineering workstations and configuration management systems
  • WORKAROUND: Disable remote access to VAMPSET if not required for operations; restrict access to local network only
Mitigations - no patch available
VAMPSET: <=v2.2.136 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
  • HARDENING: Monitor VAMPSET systems for unauthorized access attempts and unusual process behavior
  • HARDENING: Evaluate migration away from VAMPSET to a supported alternative if end-of-life status is confirmed