Movicon TcpUploadServer Data Leakage (remote check)

medium Nessus Plugin ID 52995

Synopsis

The remote SCADA service leaks sensitive information.

Description

The installed version of Movicon TcpUploadServer service listening on the remote host is affected by an information disclosure vulnerability. By sending a specially crafted request, an unauthenticated remote attacker can enumerate drives available on the remote system.

Although Nessus has not checked for them, the installed version is also likely to be affected by several other vulnerabilities, including denial of service, arbitrary file deletion, and arbitrary code execution.

Solution

Upgrade to Movicon 11.2 Build 1084 or later.

See Also

http://www.us-cert.gov/control_systems/pdf/ICSA-11-056-01.pdf

Plugin Details

Severity: Medium

ID: 52995

File Name: scada_movicon_tcpuploadserver_data_leakage.nbin

Version: 1.50

Type: remote

Family: SCADA

Published: 3/25/2011

Updated: 2/14/2022

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/15/2011

Vulnerability Publication Date: 3/15/2011

Reference Information

BID: 46907

EDB-ID: 17034