SB2023012503 - Multiple vulnerabilities in XINJE XD Programing Tool

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Path traversal (CVE-ID: CVE-2021-34605)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote user can trick a victim to open a specially crafted file and execute arbitrary code on the target system.

2) Insecure DLL loading (CVE-ID: CVE-2021-34606)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to the application loads DLL libraries in an insecure manner. A remote user can place a specially crafted .dll file and execute arbitrary code on victim's system.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://claroty.com/2022/05/11/blog-research-from-project-file-to-code-execution-exploiting-vulnerabilities-in-xinje-plc-program-tool/
• https://www.cisa.gov/uscert/ics/advisories/icsa-23-024-01