Movicon < 11.2 Build 1084 Multiple Vulnerabilities

high Nessus Plugin ID 52993

Synopsis

The remote Windows host has a SCADA application that is affected by multiple flaws.

Description

The installed version of Movicon is older than 11.2 Build 1084, and hence it is affected by multiple flaws. By sending a specially crafted packet to the TcpUploadServer service (included with Movicon) listening on port 10651, it might be possible for an unauthenticated attacker to crash the service, retrieve sensitive information, or execute arbitrary code on the remote system.

Solution

Upgrade to Movicon 11.2 Build 1084 or later.

See Also

http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf

Plugin Details

Severity: High

ID: 52993

File Name: scada_movicon_11_2.nbin

Version: 1.66

Type: local

Family: SCADA

Published: 3/25/2011

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: SCADA/Apps/Movicon/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/15/2011

Vulnerability Publication Date: 3/15/2011

Reference Information

CVE: CVE-2011-2963

BID: 46907

ICS-ALERT: 11-056-01, 11-056-01A