Measuresoft ScadaPro Monitor
5.5
ICS-CERT ICSA-24-107-01
Apr 16, 2024
Attack Vector: Local
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
This vulnerability in ScadaPro 6.9.0.0 allows privilege escalation from an unprivileged local user to SYSTEM level due to improper file permissions on application directories. An attacker with a local user account can exploit the overly permissive write access to escalate privileges and gain full control of the ScadaPro host. This is a local-only vulnerability; remote exploitation is not possible.
What this means
What could happen
A local attacker with unprivileged user access to the ScadaPro system could escalate privileges to SYSTEM level, gaining full control of the SCADA host and the ability to modify process parameters or disable monitoring.
Who's at risk
Energy sector operators running ScadaPro 6.9.0.0 for SCADA monitoring and control, particularly those who allow local system accounts for support staff, engineers, or vendors to access these hosts interactively.
How it could be exploited
An attacker with a local user account on the ScadaPro host can exploit improper file permissions on application directories to escalate privileges to SYSTEM. The vulnerability exists in directory write permissions that allow low-privilege users to modify sensitive application files.
Prerequisites
- Local user account on the ScadaPro system
- Access to the file system (interactive login or shell access)
- ScadaPro 6.9.0.0 installed
- Low complexity exploitation
- Requires local access (not remotely exploitable)
- Privilege escalation to SYSTEM level
- No patch available from vendor
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
ScadaPro 6.9.0.0 | 6.9.0.0 | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Reconfigure the vulnerable directories to remove world-writable permissions. Ensure only the ScadaPro service account and SYSTEM have write access.
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HARDENING: Review local user accounts on ScadaPro hosts and remove or disable unnecessary accounts that do not require system access.
Mitigations - no patch available
ScadaPro 6.9.0.0 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to restrict which systems have interactive access to ScadaPro hosts. Limit RDP, SSH, or console access to authorized engineering and operations staff only.
HARDENING: Apply the principle of least privilege: ensure service accounts and operator accounts run with only the minimum permissions needed for their role, not administrative rights.
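To verify the directory-permission workaround above, the following PowerShell audit is an added example written for this page (not the advisory's or Measuresoft's own tooling): it walks the ScadaPro application tree and reports every directory on which a low-privilege principal holds write, delete or permission-change rights. The install path is a placeholder you must replace with the real one; the list of low-privilege principals is an assumption you should extend with any site-specific operator groups.

```powershell
# Added audit script, not part of the advisory. Run in an elevated session on
# the ScadaPro host. $ScadaProRoot is a PLACEHOLDER: set it to the real install path.
param(
    [string]$ScadaProRoot = 'C:\PLACEHOLDER\ScadaPro'
)

# Principals that represent "any local user"; none of them should be able to
# write into application directories that the service later executes from.
$LowPrivPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Any of these bits lets a user modify, replace or re-ACL files in the directory.
$R = [System.Security.AccessControl.FileSystemRights]
$WriteMask = $R::WriteData -bor $R::AppendData -bor $R::WriteAttributes -bor
             $R::WriteExtendedAttributes -bor $R::Delete -bor
             $R::DeleteSubdirectoriesAndFiles -bor $R::ChangePermissions -bor
             $R::TakeOwnership

function Find-WeakAcl {
    param([string]$Root)
    # Audit the root itself plus every subdirectory (inherited ACEs included,
    # since a permissive grant at the root propagates down the tree).
    $dirs = @(Get-Item -LiteralPath $Root) +
            @(Get-ChildItem -LiteralPath $Root -Directory -Recurse -ErrorAction SilentlyContinue)
    foreach ($dir in $dirs) {
        $acl = Get-Acl -LiteralPath $dir.FullName
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band [int]$WriteMask) -eq 0) { continue }
            [pscustomobject]@{
                Path      = $dir.FullName
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited   # inherited ACEs must be fixed at the parent
            }
        }
    }
}

$findings = @(Find-WeakAcl -Root $ScadaProRoot)
if ($findings.Count -eq 0) {
    Write-Host "No low-privilege write access found under $ScadaProRoot"
} else {
    $findings | Format-Table -AutoSize
}
```

Remediate each finding at the directory where the ACE is explicit (Inherited = False) so the corrected grant propagates, and re-run the audit afterwards; keep the ScadaPro service account and SYSTEM as the only principals with write access, as the workaround states.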
CVEs (1)