OTPulse

JTEKT ELECTRONICS Kostac PLC Programming Software

Plan Patch | CVSS 7.8 | ICS-CERT ICSA-23-096-03 | Apr 10, 2023
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

JTEKT ELECTRONICS Kostac PLC Programming Software versions 1.6.9.0 and earlier contain buffer overflow (CWE-125) and use-after-free (CWE-416) vulnerabilities. Successful exploitation allows an attacker to disclose information or execute arbitrary code on the engineering workstation. The vulnerabilities are triggered when opening a crafted project file. JTEKT ELECTRONICS has released version 1.6.10.0 and above, which addresses the vulnerabilities and includes a tamper-proof feature that prevents crafted project files from being opened. Project files saved with version 1.6.9.0 or earlier must be re-saved with the updated software to enable this protection.

What this means
What could happen
An attacker could craft a malicious PLC project file that, when opened by an engineer on their workstation, discloses sensitive information or runs arbitrary code on that machine. This could compromise the engineering environment and allow subsequent attacks on connected control systems.
Who's at risk
Manufacturing organizations that use JTEKT ELECTRONICS Kostac PLC Programming Software on engineering workstations. This affects anyone who programs, troubleshoots, or maintains JTEKT PLCs, including plant engineers, integrators, and panel builders.
How it could be exploited
An attacker creates a malicious Kostac PLC project file that exploits a buffer overflow or use-after-free vulnerability in the software. The attacker sends or places this file where an engineer will open it (email, shared drive, or a seemingly legitimate project archive). When the engineer opens the file in Kostac versions 1.6.9.0 or earlier, the vulnerability is triggered, allowing code execution or information disclosure on the engineering workstation.
Prerequisites
  • Engineer must have Kostac PLC Programming Software version 1.6.9.0 or earlier installed
  • Engineer must open a malicious or crafted project file (.kst or equivalent format)
  • Local access to the engineering workstation (attacker can deliver the file via email, USB, network share, etc.)
  • Low complexity exploitation (malicious file)
  • No authentication required (user interaction only)
  • Affects engineering environment (potential access to production systems)
  • Buffer overflow and use-after-free vulnerabilities (memory corruption)
  • Vendor has released a fix (1.6.10.0 available)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
JTEKT ELECTRONICS Kostac PLC Programming Software | ≤ 1.6.9.0 | 1.6.10.0 and above
Remediation & Mitigation
Do now
HARDENING: Restrict file execution and project opening on engineering workstations to trusted sources only; implement file scanning and validation before opening externally sourced project files
WORKAROUND: Disable automatic opening of project files from email or untrusted network locations
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Kostac PLC Programming Software to version 1.6.10.0 or later on all engineering workstations
HOTFIX: Re-save any PLC project files created with version 1.6.9.0 or earlier using the updated software (version 1.6.10.0 or above) to enable the tamper-proof feature
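
An added example (not part of the advisory or any vendor tooling): triaging an exported software inventory against the fix threshold stated above. The CSV layout and hostnames are assumptions; versions are compared numerically because a plain string comparison would sort 1.6.10.0 before 1.6.9.0 and mislabel the fixed release.

```python
import csv
import io

# Threshold from the advisory: 1.6.9.0 and earlier affected, 1.6.10.0 and above fixed.
LAST_AFFECTED = (1, 6, 9, 0)
PRODUCT = "Kostac PLC Programming Software"

# Constructed sample inventory export; hostnames and column names are assumptions.
SAMPLE_INVENTORY = """host,product,version
ews-01,Kostac PLC Programming Software,1.6.9.0
ews-02,Kostac PLC Programming Software,1.6.10.0
ews-03,Kostac PLC Programming Software,1.6.2
ews-04,Kostac PLC Programming Software,unknown
ews-05,Some Other Tool,1.0.0.0
"""

def parse_version(text):
    """Return the version as a 4-part tuple of ints, or None if it is not numeric."""
    parts = text.strip().split(".")
    if len(parts) > 4 or not all(p.isdecimal() for p in parts):
        return None
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))  # pad "1.6.2" to (1, 6, 2, 0)

def classify(version_text):
    """'affected' for <= 1.6.9.0, 'fixed' for >= 1.6.10.0, 'review' if unparseable."""
    version = parse_version(version_text)
    if version is None:
        return "review"  # do not guess: an unknown version needs a manual check
    # Tuple comparison is numeric per component, unlike comparing the raw strings.
    return "affected" if version <= LAST_AFFECTED else "fixed"

def triage(inventory_csv):
    """Map each host running the product to its patch status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["version"]) for r in rows if r["product"] == PRODUCT}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host}: {status}")
```

Hosts reported as affected need the update to 1.6.10.0 or later, after which their existing project files still have to be re-saved to gain the tamper-proof protection.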
JTEKT ELECTRONICS Kostac PLC Programming Software | CVSS 7.8 - OTPulse