SpiderControl SCADA Web Server
CVSS base score: 5.3
Source: ICS-CERT ICSA-17-234-03
Date: Aug 22, 2017
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
SpiderControl SCADA Web Server contains a path traversal vulnerability (CWE-22) that allows unauthenticated remote access to read arbitrary files from the server. An attacker can traverse directory structures to access files outside the web root, potentially exposing system configuration, credentials, or operational data.
What this means
What could happen
An attacker could read sensitive files from the SCADA web server, potentially exposing system configuration data, authentication details, or process information that could be used to plan further attacks on your SCADA infrastructure.
Who's at risk
Energy utilities and industrial sites running SpiderControl SCADA Web Server components. This affects any organization using web-based SCADA system interfaces for monitoring or configuration of critical infrastructure.
How it could be exploited
An attacker on the network can access the SCADA Web Server's web interface and use path traversal techniques to read files outside the intended web directory. No authentication is required, and the attack can be performed with basic HTTP requests.
Prerequisites
- Network access to the SCADA Web Server's web port (typically HTTP/HTTPS)
- No credentials required
Tags: remotely exploitable | no authentication required | low complexity | no patch available | path traversal to sensitive files
Exploitability
Moderate exploit probability (EPSS 1.2%)
Affected products (1)
Product: SCADA Web Server - SCADA Web Server
Affected Versions: SCADA Web Server
Fix Status: No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the SCADA Web Server to authorized engineering workstations and control systems only, using firewall rules.
Mitigations - no patch available
SCADA Web Server - SCADA Web Server has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to isolate the SCADA Web Server from untrusted networks.
HARDENING: Monitor and log all HTTP/HTTPS access to the SCADA Web Server for suspicious file access patterns.
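The monitoring control above needs something concrete to look for. The following is an added detection example, not code from the advisory or the vendor: it scans web-server access-log lines (constructed samples, common log format) for requests whose path contains a ".." segment once percent-encoding, including double encoding, is undone. Every host, path and timestamp in the sample is made up.

```python
import re
import posixpath
from urllib.parse import unquote

# Constructed sample access-log lines for a SCADA web server host; not real captures.
SAMPLE_LOG = """\
10.0.1.20 - - [22/Aug/2017:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 1024
10.0.1.20 - - [22/Aug/2017:10:01:05 +0000] "GET /img/logo.png HTTP/1.1" 200 2048
198.51.100.7 - - [22/Aug/2017:10:02:11 +0000] "GET /../../etc/passwd HTTP/1.1" 200 1430
198.51.100.7 - - [22/Aug/2017:10:02:13 +0000] "GET /%2e%2e/%2e%2e/windows/win.ini HTTP/1.1" 200 92
198.51.100.7 - - [22/Aug/2017:10:02:15 +0000] "GET /%252e%252e/config.xml HTTP/1.1" 404 0
10.0.1.21 - - [22/Aug/2017:10:03:00 +0000] "GET /data/trend..csv HTTP/1.1" 200 500
"""

# Common log format: source, identd, user, [timestamp], "METHOD path proto", status, bytes
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def decode_path(raw):
    """Strip the query string, percent-decode repeatedly (bounded, so a
    double-encoded '..' is revealed) and treat backslashes as separators,
    which matters for servers hosted on Windows."""
    p = raw.split("?", 1)[0]
    for _ in range(3):
        decoded = unquote(p)
        if decoded == p:
            break
        p = decoded
    return p.replace("\\", "/")


def find_traversal_attempts(log_text):
    """Return (source, status, decoded_path) for every request whose decoded
    path has a '..' segment. A 200 status on such a request is the signal that
    a file outside the web root was probably served."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        path = decode_path(m["path"])
        if any(seg == ".." for seg in path.split("/")):
            hits.append((m["src"], int(m["status"]), posixpath.normpath(path) if False else path))
    return hits


if __name__ == "__main__":
    for src, status, path in find_traversal_attempts(SAMPLE_LOG):
        print(f"{src} status={status} path={path}")
```

Filenames that merely contain two dots (trend..csv) are not flagged; only a whole ".." path segment counts, which keeps the rule precise enough to alert on.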
CVEs (1)