Advisory Information

Title: CitectSCADA ODBC service vulnerability
Release mode: Coordinated release

Vulnerability Information

CVE Name: CVE-2008-2639

Vulnerability Description

Citect is a supplier of industrial automation software with headquarters in Australia and over 20 offices in Oceania, South East Asia, China, Japan, the Americas, Europe, Africa and the Middle East. Citect's products are distributed in over 80 countries through a network of more than 500 partners. According to Citect's website the company, a fully owned subsidiary of Schneider Electric, has more than 150,000 licenses of its software sold to date. Citect's products are used by organizations worldwide in numerous industries including Aerospace & Defense, Oil & Gas, Power/Utilities, Chemical, Pharmaceutical, Manufacturing and others.

CitectSCADA (Supervisory Control and Data Acquisition) is a system with the primary function of collecting data and providing an interface to control equipment such as Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs) etc. with an integrated Human Machine Interface (HMI) / SCADA solution to deliver a scalable and reliable control and monitoring system. The system is composed of software installed on standard computer equipment running on commercial-off-the-shelf Microsoft Windows operating systems.

A vulnerability was found in CitectSCADA that could allow a remote unauthenticated attacker to force an abnormal termination of the vulnerable software (Denial of Service) or to execute arbitrary code on vulnerable systems to gain complete control of the software. To accomplish this goal, the would-be attacker must be able to connect to the vulnerable service on a high TCP port.

Vendor Information, Solutions and Workarounds

Contact the vendor for fixed versions of the product.

In general, process control networks should be physically isolated from corporate or other publicly accessible data networks, as such an isolated network will limit the exposure of systems with network-facing vulnerabilities only to accidental disruption or potentially malicious users or systems within the process control network itself. However, if physical isolation of the process control network is not feasible, it is strongly recommended to enforce and monitor strict network access control mechanisms to verify that only the absolute minimal required set of systems from both within and outside the process control network are allowed to connect to any systems within the process control network. In this particular case, access control mechanisms on both end-systems and network boundary devices such as firewalls and IPSes must ensure that only hardened and trusted systems from that minimal set can connect to systems in the process control network running potentially vulnerable software. Nonetheless, systems on that minimal set must still be considered potential attack vectors into the process control network and, should they become compromised, providers of transitive trust from the process control network to external untrusted systems.

Besides the recommendation of a secure network architecture with strict network access control measures, OS hardening and other sound system administration practices, a specific workaround for the vulnerability reported in this advisory is provided below.

The vulnerability is located in the ODBC server service; vulnerable organizations that do not require ODBC connectivity may disable the service with no adverse effects to the CitectSCADA software.