SCADA Engine BACnet OPC Server < 2.1.371.24 Multiple Vulnerabilities

high Nessus Plugin ID 82664

Synopsis

An application running on the remote host is affected by multiple vulnerabilities.

Description

The remote host is running a version of SCADA Engine BACnet OPC Server prior to version 2.1.371.24. It is, therefore, affected by multiple vulnerabilities:

- A heap-based buffer overflow exists in the SOAP web interface, which a remote attacker, using a specially crafted packet, can exploit to execute arbitrary code or crash the service. (CVE-2015-0979)

- A vulnerability exists in 'BACnetOPCServer.exe' because user-supplied input is not properly sanitized. A remote attacker, using format string specifiers, can exploit this to execute arbitrary code or crash the service. (CVE-2015-0980)

- An authentication bypass flaw exists in the SOAP web interface, which allows a remote attacker to read, write, or delete arbitrary database fields. (CVE-2015-0981)

Solution

Upgrade to SCADA Engine BACnet OPC Server 2.1.371.24 or later.

See Also

https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03

Plugin Details

Severity: High

ID: 82664

File Name: scada_bacnet_opc_server_2_1_371_24.nbin

Version: 1.103

Type: remote

Family: SCADA

Published: 4/9/2015

Updated: 11/12/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

Vulnerability Information

CPE: cpe:/a:scadaengine:bacnet_opc_server

Exploit Ease: No known exploits are available

Patch Publication Date: 3/10/2015

Vulnerability Publication Date: 3/10/2015

Reference Information

CVE: CVE-2015-0979, CVE-2015-0980, CVE-2015-0981

BID: 73022, 73024, 73028

ICSA: 15-069-03