LCDS - Leão Consultoria e Desenvolvimento de Sistemas Ltda ME LAquis SCADA
Monitor | 7 | ICS-CERT ICSA-18-095-03 | Apr 5, 2018
Attack Vector: Local
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary
LAquis SCADA version 4.1.0.3391 and earlier contains a structured exception handler overflow vulnerability that can be triggered via local access. Successful exploitation causes the application to crash and may allow execution of arbitrary code on the affected SCADA workstation. The vulnerability affects energy sector control systems using this SCADA platform.
What this means
What could happen
An attacker with local access to a LAquis SCADA workstation could trigger a buffer overflow condition that crashes the software and potentially executes arbitrary code on that computer, disrupting SCADA monitoring and control functions.
Who's at risk
Energy sector operators using LAquis SCADA software for industrial control and monitoring should be concerned. This affects anyone running the SCADA workstations or servers for process supervision and control in generation, transmission, or distribution facilities.
How it could be exploited
An attacker with local access to a machine running LAquis SCADA would send a specially crafted input or trigger a specific sequence that causes the structured exception handler to overflow. This could result in the application crashing or, with careful payload construction, allow the attacker to execute arbitrary commands with the privileges of the SCADA software.
Prerequisites
- Local access to a machine running LAquis SCADA version 4.1.0.3391 or earlier
- User privileges or ability to interact with the LAquis SCADA application
- Knowledge of the specific input or trigger that causes the exception handler overflow
- Local access required (reduces immediate risk but increases insider threat concern)
- No patch available from vendor
- Can cause crash and potential code execution on SCADA computers
- Affects active SCADA systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
LAquis SCADA software | ≤ 4.1.0.3391 | No fix (EOL)
Remediation & Mitigation
Do now
- HARDENING: Isolate LAquis SCADA workstations and servers from the business network using a firewall and network segmentation; ensure SCADA networks are not routable to or from the Internet
- HARDENING: Restrict physical and remote access to LAquis SCADA systems to authorized operators only; implement access controls and monitoring on all remote access methods
- WORKAROUND: If remote access to SCADA systems is required, use secure methods such as a VPN with the latest security patches, and isolate remote access nodes behind a separate firewall
Long-term hardening
- HOTFIX: Contact LCDS to inquire about patched versions or workarounds for LAquis SCADA; monitor vendor communications for security updates
CVEs (1)
API:
/api/v1/advisories/8d796034-b286-4559-aeb0-f95268ee82ef