hysetr.blogg.se - Evaluate catapult

Evaluate catapult serial#

BACKGROUNDĬatapult Software is based in New Zealand and specializes in SCADA/HMI software development. NCCIC/ICS-CERT recommends that organizations evaluate the impact of this vulnerability based on their operational environment, architecture, and product implementation. Impact to individual organizations depends on many factors that are unique to each organization. The device must be shut down and restarted to recover from the DoS.

Evaluate catapult serial#

If the device is connected via a serial connection, the same attack can be accomplished with physical access to the outstation. The use of this driver can cause the human-machine interface (HMI) to be put into a denial‑of‑service (DoS) condition by sending a specially crafted transmission control protocol (TCP) packet from the outstation on an IP-based network. Proficy human-machine interface/supervisory control and data acquisition (HMI/SCADA) – iFIX or CIMPLICITY servers with the vulnerable I/O Driver installed (this includes iFIX or CIMPLICITY installations that are part of Proficy Process Systems).

Catapult Software DNP driver (“DNP”): Version 7.20.56, and.

The following Catapult Software product is affected: This vulnerability could be exploited remotely. Please see ICSA-13-297-02 GE Proficy DNP3 Improper Input Validation for specific GE mitigations. This driver is used with General Electric (GE) Intelligent Platform’s Proficy iFIX and CIMPLICITY products. Adam Crain and Chris Sistrunk tested the updated software to validate that it resolves the vulnerability. Catapult Software has produced an updated software version that mitigates this vulnerability. This advisory was originally posted to the US-CERT secure Portal library on October 24, 2013, and is now being released to the NCCIC/ICS-CERT Web site.Īdam Crain of Automatak and independent researcher Chris Sistrunk have identified an improper input validation in Catapult Software’s DNP3 Driver software.