Unitronics UniOPC Server Input Handling Vulnerability
October 6, 2011
Independent security researchers Billy Rios and Terry
McCorkle have found a vulnerability within a third-party
product of the Unitronics UniOPC Server.
UniOPC is prone to a remote code-execution vulnerability
because it fails to properly sanitize input from a
third-party plugin - IP*Works! SSL ActiveX control
(https50.ocx).
An attacker may leverage this issue to execute arbitrary
code on a system running an affected version of the
vulnerable product; failed attacks may cause
denial-of-service conditions.
UniOPC prior to 2.0.0 is vulnerable; other versions may also
be affected.
SCADAhacker
comment:
Billy Rios and Terry McCorkle presented at DerbyCon 2011 a
session entitled "100 Bugs in 100 Days: An Analysis of ICS
(SCADA) Software". You can view the presentation by
clicking here.