#VU21935 Stack-based buffer overflow in IEC870IP - CVE-2019-13537

Cybersecurity Help s.r.o.

Published: 2019-10-18

Vulnerability identifier: #VU21935

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-13537

CWE-ID: CWE-121

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
IEC870IP
Hardware solutions / Drivers

Vendor: AVEVA Software, LLC.

Description

The vulnerability allows a remote attacker to cause a server-side crash.

The vulnerability exists due to a boundary error in the IEC870IP driver. A remote unauthenticated attacker can trigger stack-based buffer overflow and cause a server-side crash on the target system.

Note: This vulnerability affects only the IEC870IP driver used in Vijeo Citect and Citect SCADA.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

IEC870IP: 4.14.02

External links
https://ics-cert.us-cert.gov/advisories/icsa-19-290-01
https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec139.pdf

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

OpenSUSE Linux update for git

Gentoo update for Git

OpenSUSE Linux update for git

Amazon Linux AMI update for git

Stack-based buffer overflow in AVEVA IEC870IP driver for Vijeo Citect and Citect SCADA