InduSoft Web Studio < v8.1 + SP3 Remote Command Injection Vulnerability

critical Nessus Network Monitor Plugin ID 701080
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

A vulnerable version of InduSoft Web Studio has been detected.

Description

InduSoft Web Studio versions prior to v8.1 + SP3 contain unauthenticated remote command injection vulnerability. An attacker can issue a specially crafted command 66 which causes IWS to load a DB connection file off of a network share using SMB. The DB file can contain OS commands that will be executed at the privilege level used by IWS.

Solution

Upgrade to InduSoft WebStudio v8.1 SP3.

See Also

https://www.tenable.com/security/research/tra-2019-04,https://www.us-cert.gov/ics/advisories/ICSA-19-036-01

Plugin Details

Severity: Critical

ID: 701080

Family: SCADA

Published: 7/23/2019

Updated: 7/23/2019

Vulnerability Information

Patch Publication Date: 2/5/2019

Vulnerability Publication Date: 2/5/2019

Reference Information

CVE: CVE-2019-6545