Trihedral VTScada 8.x < 11.2.02 Multiple Vulnerabilities

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

A SCADA application is affected by multiple vulnerabilities.

Description :

According to its self-reported version, the Trihedral VTScada
running on the remote host is after 8 and prior to 11.2.02. It is,
therefore, affected by multiple vulnerabilities :

- An authentication issue exists within the handling of
Wireless Application Protocol requests due to the
failure to properly validate user-supplied filenames. An
unauthenticated, remote attacker can leverage this
vulnerability to disclose the contents of arbitrary
files under the context of the user running the
service. (CVE-2016-4510)

- An Out-Of-Bounds read within the handling of Wireless
Application Protocol requests due to the failure to
traverse user-supplied paths. An unauthenticated,
remote attacker can leverage this vulnerability to
execute code under the context of the user running the
service. (CVE-2016-4523)

- A path traversal information disclosure vulnerability
within the handling of Wireless Application Protocol
requests due to the failure to properly restrict the
path from which images are retrieved. An remote,
unauthenticated, attacker can leverage this vulnerability
to disclose the contents of arbitrary files under the
context of the user running the service. (CVE-2016-4532)

See also :

https://ics-cert.us-cert.gov/advisories/ICSA-16-159-01

Solution :

Upgrade to Trihedral VTScada 11.2.02 or later.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)

Family: SCADA

Nessus Plugin ID: 103533 ()

Bugtraq ID: 91077

CVE ID: CVE-2016-4510
CVE-2016-4523
CVE-2016-4532

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now