#VU10786 Stack-based buffer overflow in ControlWave Micro - CVE-2018-5452

Cybersecurity Help s.r.o.

Published: 2018-02-28

Vulnerability identifier: #VU10786

Vulnerability risk: Low

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-5452

CWE-ID: CWE-121

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ControlWave Micro
Client/Desktop applications / Other client software

Vendor: Emerson

Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to stack-based buffer overflow. A remote attacker can send specially crafted packets on Port 20547 and force the PLC to change its state into halt mode.

Mitigation

Emerson offers the following mitigation advice:

Assess which ControlWave products in your organization have Ethernet connectivity.
Upgrade the affected devices to firmware version 05.79.00 to correct this possible action. System firmware upgrade instructions are available in product documentation (ControlWave Micro Process Automation Controller Instruction Manual, part D301392X012).
The resolution described is available only to the user when appropriately incorporated into the application running in ControlWave Micro firmware.
Prior to upgrading the system firmware, always perform a full alarm and historical collection (archive files as well as audit logs).

Vulnerable software versions

ControlWave Micro: All versions

External links
https://ics-cert.us-cert.gov/advisories/ICSA-18-058-03

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Emerson ControlWave Micro