Detections
Analytics

InduSoft Web Studio < v8.1 + SP3 Remote Command Injection Vulnerability

critical Nessus Network Monitor Plugin ID 701080

Synopsis

A vulnerable version of InduSoft Web Studio has been detected.

Description

InduSoft Web Studio versions prior to v8.1 + SP3 contain unauthenticated remote command injection vulnerability. An attacker can issue a specially crafted command 66 which causes IWS to load a DB connection file off of a network share using SMB. The DB file can contain OS commands that will be executed at the privilege level used by IWS.

Solution

Upgrade to InduSoft WebStudio v8.1 SP3.

See Also

https://www.tenable.com/security/research/tra-2019-04,https://www.us-cert.gov/ics/advisories/ICSA-19-036-01

Plugin Details

Severity: Critical

ID: 701080

Family: SCADA

Published: 7/23/2019

Updated: 7/23/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

Vulnerability Information

Patch Publication Date: 2/5/2019

Vulnerability Publication Date: 2/5/2019

Reference Information

CVE: CVE-2019-6545