OTPulse
FeedAboutContact

Ecava IntegraXor

Plan Patch7.3ICS-CERT ICSA-17-031-02Jan 31, 2017
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

IntegraXor versions prior to 5.2.722.2 contain a SQL injection vulnerability (CWE-89) that allows remote attackers without credentials to execute arbitrary SQL commands. The application fails to properly sanitize user input before passing it to the database, allowing potential unauthorized access, modification, or deletion of operational data in the SCADA system. CVSS score 7.3 (high).

What this means
What could happen
An attacker with network access could inject malicious SQL commands into IntegraXor, potentially allowing unauthorized viewing, modification, or deletion of critical operational data that controls your SCADA/HMI system.
Who's at risk
Water utilities and municipal electric utilities running Ecava IntegraXor SCADA/HMI systems for process monitoring and control. This includes any organization using IntegraXor versions prior to 5.2.722.2 for real-time data acquisition, alarming, or operator interface functions.
How it could be exploited
An attacker sends a specially crafted SQL query through the network to the IntegraXor application. The vulnerable version does not properly sanitize user input before passing it to the database, allowing the attacker to execute arbitrary SQL commands and access or modify sensitive configuration and operational data.
Prerequisites
  • Network access to IntegraXor application port (typically HTTP/HTTPS)
  • No authentication required to exploit the vulnerability
Remotely exploitableNo authentication requiredLow complexity attackSQL injection (CWE-89)SCADA/HMI system impact
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
ProductAffected VersionsFix Status
IntegraXor:5.0.413.05.2.722.2
Remediation & Mitigation
0/1
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate IntegraXor to version 5.2.722.2 or later
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/fe71bc92-9a93-4ee0-aae6-47cbd306fa2f