OTPulse

iniNet Solutions SpiderControl SCADA Web Server

CVSS 7.5 · ICS-CERT ICSA-24-254-02 · Sep 10, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

A flaw in SpiderControl SCADA Web Server v2.09 and earlier allows an attacker to log in without valid credentials or execute arbitrary code via improper input validation on the web interface. Successful exploitation could allow unauthorized control of SCADA functions. The vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type).

What this means
What could happen
An attacker could log in to the SpiderControl SCADA web interface without valid credentials or execute arbitrary code, potentially allowing them to modify setpoints, stop processes, or alter control logic in energy systems.
Who's at risk
Energy utilities and operators who run SpiderControl SCADA systems should immediately assess their deployment. This affects any SCADA web server used to monitor or control power generation, transmission, or distribution equipment.
How it could be exploited
An attacker on the network can send specially crafted requests to the SpiderControl SCADA web server. The server does not properly validate input, allowing the attacker to either bypass authentication and log in or upload malicious code that executes on the server.
Prerequisites
  • Network access to the SpiderControl SCADA Web Server on its web interface port (typically 80/443)
  • The web server must be reachable from the attacker's network segment
Tags: remotely exploitable · no authentication required · low complexity · high impact (integrity) · affects control systems
Exploitability
Moderate exploit probability (EPSS 4.5%)
Affected products (1)
Product                         | Affected Versions | Fix Status
SpiderControl SCADA Web Server  | ≤ v2.09           | 3.2.2
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the SpiderControl web server using firewall rules; ensure it is not accessible from the internet or untrusted networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade SpiderControl SCADA Server to version 3.2.2 or later
Long-term hardening
HARDENING: Isolate the SpiderControl SCADA server on a separate control network behind a firewall, segmented from business networks and the internet
HARDENING: If remote access is required, implement a VPN or equivalent secure remote access method rather than exposing the web interface directly
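The workaround and the hardening items above both come down to one check an operator can run against their own firewall logs: is anything outside the control and engineering segments actually reaching the SpiderControl web ports? The script below is an added example, not part of the OTPulse advisory or iniNet's software. The server address, the trusted networks and the key=value log lines are all constructed for illustration; the log syntax is assumed and would need to match the real firewall's export format.

```python
"""
Added example (not from the OTPulse advisory or iniNet Solutions): audit
accepted connections to a SpiderControl web interface and flag any that did
not originate from the allow-listed control or engineering networks.
All addresses, networks and log lines are constructed for illustration.
"""
import ipaddress
import re

# Constructed assumptions: the SCADA web server's address and the only
# networks that should be permitted to reach its HTTP/HTTPS ports.
SCADA_WEB_SERVER = ipaddress.ip_address("10.50.0.8")
WEB_PORTS = {80, 443}  # ports named in the advisory's prerequisites
TRUSTED_NETWORKS = [
    ipaddress.ip_network("10.50.0.0/24"),  # isolated control segment
    ipaddress.ip_network("10.20.1.0/24"),  # engineering workstations
]
# RFC 1918 space, used only to label where an untrusted source sits.
RFC1918 = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# Constructed firewall log lines in an assumed key=value format.
SAMPLE_LOG = """\
2024-09-12T10:01:05Z src=10.20.1.15 dst=10.50.0.8 dport=443 action=ACCEPT
2024-09-12T10:01:09Z src=10.50.0.21 dst=10.50.0.8 dport=80 action=ACCEPT
2024-09-12T10:02:44Z src=198.51.100.23 dst=10.50.0.8 dport=443 action=ACCEPT
2024-09-12T10:03:10Z src=172.16.9.4 dst=10.50.0.8 dport=443 action=ACCEPT
2024-09-12T10:03:12Z src=172.16.9.4 dst=10.50.0.8 dport=443 action=DROP
2024-09-12T10:04:00Z src=10.20.1.15 dst=10.50.0.9 dport=443 action=ACCEPT
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)


def parse_line(line):
    """Parse one log line into a dict; return None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["src"] = ipaddress.ip_address(rec["src"])
    rec["dst"] = ipaddress.ip_address(rec["dst"])
    rec["dport"] = int(rec["dport"])
    return rec


def is_trusted(src):
    """True if the source address lies inside an allow-listed network."""
    return any(src in net for net in TRUSTED_NETWORKS)


def find_untrusted_access(log_text):
    """
    Return (timestamp, source, port, reason) for every ACCEPTed connection to
    the SCADA web ports from a source outside the trusted networks. Dropped
    connections are not findings: the firewall did its job for those.
    """
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line; a real audit would log and count these
        if rec["dst"] != SCADA_WEB_SERVER or rec["dport"] not in WEB_PORTS:
            continue
        if rec["action"] != "ACCEPT" or is_trusted(rec["src"]):
            continue
        if any(rec["src"] in net for net in RFC1918):
            reason = "untrusted internal segment"
        else:
            reason = "outside internal address space"
        findings.append((rec["ts"], str(rec["src"]), rec["dport"], reason))
    return findings


if __name__ == "__main__":
    for ts, src, port, reason in find_untrusted_access(SAMPLE_LOG):
        print(f"{ts} {src} -> tcp/{port}: {reason}")
```

Any finding labelled "outside internal address space" means the workaround (block internet and untrusted access) is not in effect; "untrusted internal segment" findings point at missing segmentation between business and control networks, which the hardening items address. Run it against a real export after adjusting the regex to the firewall's log format.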