Siemens SIMATIC ProSave < 1300.100.2201.15 Untrusted Path Arbitrary Code Execution (SSA-451236)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

An application running on the remote host is affected by an arbitrary
code execution vulnerability.

Description :

The remote host is running a version of Siemens SIMATIC ProSave prior
to version 13 Service Pack 1. It is, therefore, affected by an
arbitrary code execution vulnerability due to searching insufficiently
qualified paths when loading specific files and libraries. A local
attacker can exploit this with a specially crafted application file
which loads before the legitimate version, resulting in the execution
of arbitrary code under the privileges of the current user.

See also :

http://www.nessus.org/u?e088f800
https://ics-cert.us-cert.gov/advisories/ICSA-15-064-02A

Solution :

Upgrade to Siemens SIMATIC ProSave version 13 Service Pack 1
(1300.100.2201.15) or later.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)

Family: SCADA

Nessus Plugin ID: 84499 ()

Bugtraq ID: 72979

CVE ID: CVE-2015-1594

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now