OTPulse

Dorsett Controls InfoScan

Monitor · CVSS 5.3 · ICS-CERT ICSA-24-221-01 · Aug 8, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Dorsett Controls InfoScan versions 1.32, 1.33, and 1.35 contain path traversal (CWE-22) and information exposure (CWE-200) vulnerabilities that allow unauthenticated attackers with network access to expose sensitive information stored in the system, including credentials and configuration data. Exploitation could result in data theft and misuse of stolen credentials to access additional systems.

What this means
What could happen
An attacker could expose sensitive data stored in InfoScan, such as credentials or system configuration details, leading to unauthorized access to the monitoring system and potential compromise of other connected control systems.
Who's at risk
Water and electric utilities using Dorsett Controls InfoScan for SCADA monitoring and alarm management. Affects facilities that rely on InfoScan for visibility into process status, setpoints, and historical data.
How it could be exploited
An attacker with network access to the InfoScan interface could exploit path traversal or information disclosure flaws to retrieve sensitive files or credentials without authentication. The vulnerability does not require user interaction.
Prerequisites
  • Network reachability to the InfoScan web interface or API port
  • InfoScan version 1.32, 1.33, or 1.35 installed
remotely exploitable · no authentication required · low complexity · information disclosure · credential theft potential
Exploitability
Low exploit probability (EPSS 0.8%)
Affected products (1)
Product: InfoScan
Affected Versions: 1.32, 1.33, 1.35
Fix Status: 1.38 or later
Remediation & Mitigation
Do now
HARDENING: Restrict network access to InfoScan interface using firewall rules; ensure the system is not reachable from the internet or untrusted networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update InfoScan to version 1.38 or later via System Prefs > Maintenance > Install Now, or download from Dorsett Controls Customer Portal if internet access is unavailable
Long-term hardening
HARDENING: Isolate the control system network and InfoScan from the business network using network segmentation
Dorsett Controls InfoScan | CVSS 5.3 - OTPulse