InduSoft WebStudio Server detection Version (SCADA) (deprecated)

medium Nessus Network Monitor Plugin ID 6318

Synopsis

The remote host is running an application used to control SCADA systems. This version is affected by a stack-based buffer overflow and by a vulnerability in a component of the Remote Agent module.

Description

The remote host is an InduSoft WebStudio server used as a human-machine interface (HMI) that is linked to SCADA systems to provide trending, diagnostic data and management information. This version is affected by a stack-based buffer overflow and by a vulnerability in a component of the Remote Agent module.

Solution

Apply all necessary patches; see the See Also section for the vendor hotfixes. Also restrict access to the server to authorized personnel only.

See Also

http://www.indusoft.com/hotfixes/hotfixes.php

Plugin Details

Severity: Medium

ID: 6318

Family: SCADA

Published: 2/8/2012

Updated: 6/1/2015

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

Vulnerability Information

Vulnerability Publication Date: 11/16/2011

Exploitable With

Metasploit (InduSoft Web Studio Arbitrary Upload Remote Code Execution)

Reference Information

CVE: CVE-2011-4051, CVE-2011-4052

BID: 50675