Measuresoft ScadaPro Path Subversion Arbitrary DLL Injection Code Execution

high Nessus Plugin ID 59559

Language:

Synopsis

The remote Windows host has an application installed that has an arbitrary code execution vulnerability.

Description

The remote Windows host has a version of Measuresoft ScadaPro prior to version 4.0.0.0. As such, it reportedly has a DLL loading vulnerability that can be exploited by placing a Trojan DLL into a folder on the victim host where it could be loaded before a valid DLL.

Solution

Upgrade to ScadaPro 4.0.0.0 or later.

Plugin Details

Severity: High

ID: 59559

File Name: scada_measuresoft_scadapro_dll_loading_rce.nbin

Version: 1.70

Type: local

Agent: windows

Family: SCADA

Published: 6/18/2012

Updated: 5/20/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2012-1824

Vulnerability Information

CPE: cpe:/a:measuresoft:scadapro

Required KB Items: SCADA/Apps/Measuresoft/ScadaPro/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/7/2011

Vulnerability Publication Date: 5/24/2012

Reference Information

CVE: CVE-2012-1824

BID: 53681

ICSA: 12-145-01

Detections

Analytics