ScadaTEC ModbusTagServer and ScadaPhone Remote Buffer Overflow Vulnerability
September 12, 2011 (Updated December 28, 2011)
Independent security researcher Steven Seeley publicly
released a report that included proof-of-concept (PoC)
exploit code targeting a remote buffer-overflow
vulnerability in the ScadaTEC ModbusTagServer and
ScadaPhone products.
Exploitation of this vulnerability requires a specially
crafted ZIP archive file to be opened using the affected
application.
An attacker could exploit this issue to execute arbitrary
code in the context of the affected application. Failed
exploit attempts will likely result in denial-of-service
conditions.
ScadaTEC has produced a patch that resolves this
vulnerability for all affected products and versions.
The following versions are vulnerable:
ScadaTEC ScadaPhone 5.3.11.1230 and prior.
ScadaTEC ModbusTagServer 4.1.1.81 and prior.
SCADAhacker comment:
ScadaTEC, Inc. is a US-based company, and is not
the same as Scadatec Ltd. recently mentioned in ICS-CERT
Advisory ICSA-11-216-01 for the Procyon product.