7-Technologies IGSS ODBC Remote Memory Corruption Vulnerability

July 8, 2011

The VUPEN Vulnerability Research Team has coordinated the disclosure of a memory corruption vulnerability with ICS-CERT. This vulnerability affects the 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) product.

This vulnerability affects all 7T IGSS versions prior to 9.0.0.11143.

7T has produced a patch to resolve this vulnerability. VUPEN has tested the patch and confirmed that it resolves the reported vulnerability.

The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) server component (ODBCixv9se.exe) when processing packets sent to port 20222/tcp, which could result in an invalid structure being used. This can lead to an exploitable condition.

Successful exploitation of this vulnerability can allow an attacker to perform a number of malicious actions, including denial of service (DoS) and arbitrary code execution. This vulnerability is remotely exploitable.

ICS-CERT Advisories / Alerts

ICSA-11-189-01

Vendor Website (includes Patches / Hotfixes)

7 Technologies IGSS Product Info
IGSS Free SCADA Software Download
IGSS Patch
IGSS Product Download Page (includes previous versions of software)

Exploit Proof-of-Concept

A commercial proof of concept is available through VUPEN Security - Exploit and PoCs Service. This proof of concept is not otherwise publicly available or known to be circulating in the wild.

Common Vulnerability & Exposure (CVE) References

CVE-2011-2214
NVD CVE-2011-2214

Additional Information

Disclosure (VUPEN Security Research - 7T IGSS Remote Memory Corruption Vulnerability)
Open-Source Vulnerability Database #77227
Secunia Advisory #44696
Secunia Vulnerability Report and Statistics on IGSS 9.x
Secunia Vulnerability Report and Statistics on IGSS 8.x
Secunia Vulnerability Report and Statistics on IGSS 7.x
Security Focus Vulnerability Info and Exploit Bugtraq ID 47960

Memory Vulnerability with 7-Technologies (ISSSource)