Fuji Electric Energy Savings Estimator
Status: Plan Patch · CVSS 7.3 · ICS-CERT ICSA-18-282-07 · Published Oct 9, 2018
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: Required
Summary
The Fuji Electric Energy Savings Estimator contains an uncontrolled search path element vulnerability (CWE-427), commonly called insecure DLL loading or DLL search-order hijacking. An attacker with local access could cause the application to load a malicious DLL and execute arbitrary code with the privileges of the application. Versions 1.0.2.0 and earlier are affected; Fuji Electric has released version 1.0.2.1 as a fix.
What this means
What could happen
An attacker with local access to an engineering workstation could trick a user into loading a malicious library file, allowing the attacker to run arbitrary code with the same permissions as the Energy Savings Estimator application.
Who's at risk
Energy managers and engineers at electric utilities and energy service companies who use Fuji Electric's Energy Savings Estimator tool on engineering workstations.
How it could be exploited
An attacker creates a DLL with the same name as one the Energy Savings Estimator loads by bare name and places it in a directory the Windows loader searches before the legitimate copy, such as the application's own directory, the current working directory, or a directory on PATH. Getting the file there typically takes social engineering (the user opens a downloaded archive or launches the tool from a folder the attacker controls) or physical access. When the application next starts, or reaches the code path that loads that library, it picks up the attacker's DLL and runs its code. Exploitation therefore requires local access and user interaction.
Prerequisites
- Local access to the workstation running Energy Savings Estimator
- User action required (user must interact with the application in a way that triggers DLL loading)
- Ability to place files in directories searched by the application
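To make the search-order point concrete, here is an added example (not code from the advisory or from Fuji Electric) that models the Windows DLL search order in Python and shows which user-writable directories could shadow a library the application loads. The install path, the DLL names, the Downloads folder and the C:\Tools PATH entry are hypothetical; the search order itself is the documented Windows behaviour with and without SafeDllSearchMode.

```python
"""Model of the Windows DLL search order (added example; paths and DLL names
are hypothetical, not taken from the advisory or from Fuji Electric)."""


def norm(path):
    """Normalise a Windows path for lookups: case-insensitive, no trailing '\\'."""
    return path.rstrip("\\").lower()


def search_order(app_dir, cwd, path_dirs, system_root=r"C:\Windows",
                 safe_dll_search_mode=True):
    """Directories the loader consults, in order, for a DLL referenced by bare name.

    With SafeDllSearchMode on (the default since Windows XP SP2) the current
    directory is searched after the system directories; with it off, the
    current directory is searched right after the application directory.
    """
    system32 = system_root + r"\System32"
    system16 = system_root + r"\System"
    if safe_dll_search_mode:
        order = [app_dir, system32, system16, system_root, cwd]
    else:
        order = [app_dir, cwd, system32, system16, system_root]
    return order + list(path_dirs)


def resolve_dll(name, order, filesystem):
    """Full path of the first copy of `name` along `order`, or None if absent.

    `filesystem` maps a normalised directory to the set of file names in it.
    """
    want = name.lower()
    for directory in order:
        if want in {f.lower() for f in filesystem.get(norm(directory), ())}:
            return directory + "\\" + name
    return None


def hijack_candidates(name, order, filesystem, user_writable):
    """User-writable directories searched before the legitimate copy of `name`.

    If the DLL does not exist anywhere (an optional library the application
    probes for), every writable directory on the search path qualifies.
    """
    legit = resolve_dll(name, order, filesystem)
    legit_dir = norm(legit.rsplit("\\", 1)[0]) if legit else None
    writable = {norm(d) for d in user_writable}
    candidates = []
    for directory in order:
        if norm(directory) == legit_dir:
            break
        if norm(directory) in writable:
            candidates.append(directory)
    return candidates


# Hypothetical layout: the tool under Program Files (not user-writable), the
# user's Downloads folder, and a PATH entry with weak permissions.
APP_DIR = r"C:\Program Files\Fuji Electric\Energy Savings Estimator"
DOWNLOADS = r"C:\Users\alice\Downloads"
WEAK_PATH_DIR = r"C:\Tools"
SYSTEM32 = r"C:\Windows\System32"
USER_WRITABLE = [DOWNLOADS, WEAK_PATH_DIR]

# Constructed filesystem: the legitimate helper.dll lives only in System32.
CLEAN_FS = {
    norm(SYSTEM32): {"kernel32.dll", "helper.dll"},
    norm(APP_DIR): {"estimator.exe"},
    norm(DOWNLOADS): {"report.xlsx"},
}


def demo():
    """Run the scenarios and return the resolved paths and hijackable directories."""
    safe = search_order(APP_DIR, cwd=DOWNLOADS, path_dirs=[WEAK_PATH_DIR])
    unsafe = search_order(APP_DIR, cwd=DOWNLOADS, path_dirs=[WEAK_PATH_DIR],
                          safe_dll_search_mode=False)

    # Attacker drops same-named DLLs into Downloads; the user then launches the
    # tool with Downloads as the current directory.
    planted = {d: set(files) for d, files in CLEAN_FS.items()}
    planted[norm(DOWNLOADS)].update({"helper.dll", "optional.dll"})

    return {
        # Legitimate resolution.
        "clean": resolve_dll("helper.dll", safe, CLEAN_FS),
        # Planted copy in the current directory loses to System32 under safe mode...
        "planted_safe": resolve_dll("helper.dll", safe, planted),
        # ...but wins when SafeDllSearchMode is disabled.
        "planted_unsafe": resolve_dll("helper.dll", unsafe, planted),
        # A DLL Windows does not ship is hijackable even under safe mode.
        "optional_clean": resolve_dll("optional.dll", safe, CLEAN_FS),
        "optional_planted": resolve_dll("optional.dll", safe, planted),
        # Which writable directories could shadow each DLL.
        "where_helper_safe": hijack_candidates("helper.dll", safe, CLEAN_FS, USER_WRITABLE),
        "where_helper_unsafe": hijack_candidates("helper.dll", unsafe, CLEAN_FS, USER_WRITABLE),
        "where_optional": hijack_candidates("optional.dll", safe, CLEAN_FS, USER_WRITABLE),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:22} {value}")
```

The two cases worth noting when assessing a workstation: a library the application references that Windows does not ship can be supplied from any writable directory on the search path even with SafeDllSearchMode on, and any writable directory earlier in the order than the legitimate copy (the install directory if its ACL is weak, or the current directory with safe mode off) shadows it outright. Known DLLs (the KnownDLLs registry list) and applications that restrict the search with SetDefaultDllDirectories are not covered by this simple model.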
Local access required (not remotely exploitable)
User interaction required
Affects engineering tools used in critical infrastructure
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
Energy Savings Estimator | ≤ 1.0.2.0 | Fixed in 1.0.2.1
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Energy Savings Estimator to version 1.0.2.1 or later from https://americas.fujielectric.com/engineers-room/online-tools/
Long-term hardening
HARDENING: Restrict access to engineering workstations running this tool to authorized personnel only.
HARDENING: Educate users not to launch the Energy Savings Estimator from untrusted locations (for example from a downloaded archive or a shared folder into which unknown DLL files may have been introduced) and not to open links or attachments from untrusted sources.
HARDENING: Implement endpoint security controls to detect and block suspicious DLL loading behavior on workstations running this tool, for example by alerting on libraries this application loads from user-writable directories or from outside its install and system directories.
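As an added example of the endpoint control in the last hardening item (not code from the advisory or from a vendor product), the following Python runs simple detection logic over a few constructed Sysmon Event ID 7 (Image loaded) records and flags libraries the estimator process loads from user-writable or otherwise unexpected locations. The install path, the executable name, the DLL names and the log records are constructed for the example, and the set of System32 DLL names is a small hand-picked sample rather than a real directory listing.

```python
"""Detection of suspicious DLL loads from Sysmon Event ID 7 records (added
example; the process path, DLL names and log records are constructed, not
taken from the advisory or from Fuji Electric)."""
import re

# Hypothetical install directory of the tool being monitored.
APP_DIR = r"C:\Program Files\Fuji Electric\Energy Savings Estimator"
SYSTEM_DIRS = (r"C:\Windows\System32", r"C:\Windows\SysWOW64", r"C:\Windows\WinSxS")

# Small constructed sample of System32 DLL names that hijack payloads often
# impersonate; on a real host build this set from a listing of System32.
SYSTEM_DLL_NAMES = {"version.dll", "dwmapi.dll", "cryptsp.dll", "profapi.dll", "userenv.dll"}

# Locations a standard user can write to.
USER_WRITABLE = re.compile(r"^[a-z]:\\(users\\[^\\]+\\|programdata\\|windows\\temp\\)",
                           re.IGNORECASE)


def under(path, directory):
    """True if `path` lies inside `directory` (case-insensitive)."""
    return path.lower().startswith(directory.lower().rstrip("\\") + "\\")


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def suspicious_reasons(event):
    """Reasons an Image loaded event looks like DLL hijacking; empty means benign."""
    loaded = event["ImageLoaded"]
    in_system = any(under(loaded, d) for d in SYSTEM_DIRS)
    reasons = []
    if USER_WRITABLE.match(loaded):
        reasons.append("loaded from a user-writable directory")
    if not (in_system or under(loaded, APP_DIR)):
        reasons.append("loaded outside the application and system directories")
    if basename(loaded) in SYSTEM_DLL_NAMES and not in_system:
        reasons.append("same name as a system DLL but not loaded from a system directory")
    # Signature state only adds weight once a location rule has fired, so the
    # vendor's own unsigned DLLs in the install directory stay quiet.
    if reasons and event.get("SignatureStatus") != "Valid":
        reasons.append("signature not valid")
    return reasons


def scan_image_loads(events, process_dir=APP_DIR):
    """Alerts for Event ID 7 records whose loading process lives under `process_dir`."""
    alerts = []
    for ev in events:
        if ev.get("EventID") != 7 or not under(ev["Image"], process_dir):
            continue
        reasons = suspicious_reasons(ev)
        if reasons:
            alerts.append({"UtcTime": ev["UtcTime"], "ImageLoaded": ev["ImageLoaded"],
                           "reasons": reasons})
    return alerts


ESTIMATOR = APP_DIR + r"\estimator.exe"   # hypothetical executable name

# Constructed Sysmon Event ID 7 records (subset of the real event's fields).
SAMPLE_EVENTS = [
    {"EventID": 7, "UtcTime": "2018-10-09 14:02:11.001", "Image": ESTIMATOR,
     "ImageLoaded": r"C:\Windows\System32\version.dll", "Signed": "true",
     "SignatureStatus": "Valid"},
    {"EventID": 7, "UtcTime": "2018-10-09 14:02:11.004", "Image": ESTIMATOR,
     "ImageLoaded": APP_DIR + r"\estimator_core.dll", "Signed": "false",
     "SignatureStatus": "Unavailable"},
    {"EventID": 7, "UtcTime": "2018-10-09 14:05:37.210", "Image": ESTIMATOR,
     "ImageLoaded": r"C:\Users\alice\Downloads\version.dll", "Signed": "false",
     "SignatureStatus": "Unavailable"},
    {"EventID": 7, "UtcTime": "2018-10-09 14:05:37.215", "Image": ESTIMATOR,
     "ImageLoaded": APP_DIR + r"\dwmapi.dll", "Signed": "false",
     "SignatureStatus": "Unavailable"},
    {"EventID": 7, "UtcTime": "2018-10-09 14:06:02.000",
     "Image": r"C:\Windows\System32\notepad.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\version.dll", "Signed": "false",
     "SignatureStatus": "Unavailable"},
]

if __name__ == "__main__":
    for alert in scan_image_loads(SAMPLE_EVENTS):
        print(alert["UtcTime"], alert["ImageLoaded"], "; ".join(alert["reasons"]))
```

Of the five constructed records, only two alert: the copy of version.dll loaded from the user's Downloads folder, and a dwmapi.dll sitting in the install directory (a system DLL name in an application directory is the signature of a planted library, whatever the directory's trust level). The vendor's own unsigned DLL in the install directory and the load by an unrelated process are left alone, which keeps the rule usable on a fleet of workstations.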
CVEs (1)