Takebishi Electric DeviceXPlorer OPC Server Multiple Vulnerabilities

high Nessus Plugin ID 24872

Synopsis

The remote Windows host has an application that is susceptible to remote execution of arbitrary code.

Description

The version of the Takebishi Electric DeviceXPlorer OPC server installed on the remote Windows host reportedly contains flaws in its data access methods that allow access to arbitrary portions of memory.

A remote attacker with access to the OPC interface may be able to leverage these issues to discover sensitive information, crash the affected service, or execute arbitrary code on the affected host.

Solution

Upgrade to version 3.12 build3 (3.12.003) or later of the appropriate DeviceXPlorer OPC Server.

See Also

http://www.neutralbit.com/en/rd/advisories/NB07-07.txt

http://www.neutralbit.com/en/rd/advisories/NB07-08.txt

http://www.neutralbit.com/en/rd/advisories/NB07-09.txt

http://www.neutralbit.com/en/rd/advisories/NB07-10.txt

http://www.neutralbit.com/en/rd/advisories/NB07-17.txt

http://www.faweb.net/us/opc/1231207.html

Plugin Details

Severity: High

ID: 24872

File Name: scada_devicexplorer_opc_code_exec.nbin

Version: 1.55

Type: local

Family: SCADA

Published: 3/23/2007

Updated: 5/20/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: SCADA/OPC, SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 3/16/2006

Vulnerability Publication Date: 3/21/2006

Reference Information

CVE: CVE-2007-1319

BID: 23037

CERT: 926551