Home -> Resources -> SCADA/ICS Vulnerability Reference -> IRAI AUTOMGEN

IRAI AUTOMGEN Buffer Overflow Vulnerability

October 10, 2011

Luigi Auriemma publically disclosed a vulnerability in the IRAI AUTOMGEN application making it prone to multiple remote code-execution vulnerabilities because it fails to properly validate user-supplied input.

The vulnerability is caused due to a use-after-free error when processing Project files and can be exploited to reference freed memory as a function pointer via a specially crafted ".agn" file.

Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploits can trigger a denial-of-service condition.

AUTOMGEN 8.0.0.7 is vulnerable; other versions may also be affected.

ICS-CERT Advisories / Alerts

ICS-ALERT-11-283-01

Vendor Website (include Patches / Hotfixes)

Vendor Website
AUTOMGEN Sofware Download and Documentation

Exploit Proof-of-Concept

Luigi Auriemma PoC
Exploit-DB ID 17964
AUTOMGEN exploit - Security Focus

Common Vulnerability & Exposure (CVE) References

Not available at this time.

Additional Information

Disclosure (Luigi Auriemma)
Exploit-DB ID 17964
Open-Source Vulnerability Database #76296
Secunia Advisory #46340
Secunia Vulnerability Report and Statistics on AUTOMGEN
Security Focus Vulnerability Info and Exploit Bugtraq 50045

More Holes Beset SCADA Firms (ISSSource)