Monday, September 8, 2008

SCADA Buffer Overflow Exploit Goes Wild

Via The Register UK -

Gasoline refineries, manufacturing plants and other critical facilities that rely on computerized control systems just became more vulnerable to tampering or sabotage with the release of attack code that exploits a security flaw in a widely used piece of software.

The exploit code, published over the weekend as a module to the Metasploit penetration testing tool kit, attacks a vulnerability that resides in CitectSCADA, software used to manage industrial control mechanisms known as SCADA, or Supervisory Control And Data Acquisition, systems. In June, the manufacturer of the program, Australia-based Citect, and Computer Emergency Response Teams (CERTs) in the US, Argentina and Australia warned the flawed software could put companies in the aerospace, manufacturing and petroleum industries at risk from outsiders or disgruntled employees.

The exploit was created by Kevin Finisterre, the director of penetration testing at security firm Netragard. He said he decided to release the code following conflicting statements by Citect about the severity of the flaw. As a result, he said, organizations that use CitectSCADA were confused about whether they were truly vulnerable.

[...]

Two of the more common means for gaining unauthorized control include wireless access points and internet-facing controls designed to save organizations money by allowing employees remote access, according to Core Security, which discovered the bug early this year.

To cut through the confusion, Finisterre provided a detailed description of the bug, which he described as a "classic stack-based buffer overflow." By default, a server component of CitectSCADA known as ODBC, or Open Database Connectivity, monitors TCP/IP networks for client requests. Attackers can gain control by modifying the size of the packets sent to the system.

The public exploit is just the latest chapter in a growing body of research revealing the risks of using SCADA systems. In May, Core warned of a flaw in monitoring software known as InTouch SuiteLink that put power plants at risk of being shut down. That same month, US lawmakers lambasted the organization that oversees the North American electrical grid. A UK government minister sounded a similar alarm in that country last month.

Given the increased reliance on SCADA systems - and the confusion that frequently surrounds security advisories - Finisterre said it's crucial white-hat penetration testers have a full chest of tools at their disposal for detecting and fixing vulnerabilities in the systems.

"If you outlaw SCADA exploits, only outlaws will have SCADA exploits," he wrote. "Spread information and inform both yourself and others."

-----------------------------------------------------

Paper and exploit on Milw0rm.com
